Computer Network Defense (CND) - Firewall / Network Security Administrator - SECRET - RAF Molesworth - Military veterans preferred

1. Performs complex systems development and design work that may include logic design, I/O design, firmware development, model formulation, manufacturing and development cost projections, computer architecture analysis and design, and analog or digital systems engineering
2. Tests, implements, deploys, maintains, reviews and administers the infrastructure hardware and software that are required to effectively manage the computer network defense (CND) service provider network resources. Monitors network to actively remediate unauthorized activities
3. Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption)
4. Installs, configures, tests, operates, maintains, and manages network based firewalls
5. Troubleshooting firewall infrastructure problems
6. Defining and managing firewall policies
7. In-depth operational work with network IDS and incident response including but not limited to Fidelis
8. Performs integration of Splunk
9. Conducts security architecture design
10. Implements new cyber capabilities
11. Implements regional based IPS
12. Designs and defines system architectures for new or existing cybersecurity systems
13. Performs systems modeling, simulation, and analysis
14. Reviews completion and implementation of system additions and/or enhancements and makes recommendations to management and/or clients
15. Plans upgrades of operating systems and designs systems enhancements
16. Develops documentation on new or existing systems
17. Develops and conducts tests to ensure systems meet documented user requirements
18. Identifies, analyzes, and resolves system problems
19. Provides system/equipment/specialized training and technical guidance
20. Determines system specifications, input/output processes, and working parameters for hardware/software compatibility
21. Provides guidance and work leadership to less-experienced systems engineers and may have supervisory responsibilities
22. May serve as a technical team or task lead
23. Serves as liaison with clients, participating in meetings to ensure client needs are met
24. Maintains current knowledge of relevant technology as assigned
25. Participates in special projects as required

1. 8-10 years of related systems engineering experience.

2. Must possess and maintain a Secret Clearance

3. Must meet DoD 8570 requirements and be eligible for IAT Level II (Security+ CE Certification or equivalent) access upon hire for positions with elevated privileges and must obtain ITIL V3 Foundation within six months of hire

4. Depending on job assignment, additional specific certifications may be required

5. This position may be required to complete short-term deployments to austere locations worldwide

6. Must have experience using CND tools such as Enterprise Security Information and Event Management Systems (SIEM), Intrusion Detection and Prevention Systems (IDS, IPS), Web Content Monitoring Systems (Palo Alto, Cisco), Firewall and Syslog logs.

7. Must have the following Firewall experience: Cisco ASA, Cisco IOS FW, Palo Alto

8. Experience with Network TAP/SPAN aggregators: Cisco Nexus with Data Broker, Gigamon HC*, Ixia

9. Basic experience administering and Automating Linux Systems

10. Scripting experience in Powershell/BASH

11. Programming and automation experience utilizing Ruby/Python/Perl

12. Network Access Control (NAC) experience: ForeScout, CounterACT, Cisco ICE

13. Virtualization experience: VMware ESX and NSX, KVM, Xen Server

14. In-depth HBSS experience with configuring and analyzing results from but not limited to HIPS, DLP and VSE

15. Experience in ACAS Operations (Security Center, Nessus Scanner and PVS)

16. The work is typically performed in an office environment, which requires normal safety precautions; work may require some physical effort in the handling of light materials, boxes or equipment

The above job description is not intended to be, nor should it be construed as, exhaustive of all responsibilities, skills, efforts, or working conditions associated with this job. Requests for reasonable accommodations will be considered to enable individuals with disabilities to perform the principal (essential) functions of this job. #BICES and #CJPOST

For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

Bachelors Degree in Computer Science, Engineering or a related technical discipline, or the equivalent combination of education, technical training, or work/military experience.