full-time employee contract
• Provide 24/7 engineering network defense engineering support involving the design, configuration, implementation, and operational management of network defense systems and management of network boundary security devices. This shall include:
•Troubleshoot network defense devices such as proxy filters, traffic accelerators, firewalls, VPNs and IPS/IDS.
•Shall configure and manage Access Control Servers (ACS) and Radius servers, Terminal Access Controller Access Control System+ (TACACS+), 802.1x, AAA, SSH, crypto maps, ACLs and other network security protocols.
•Shall create network accounts, manage account permissions, update 802.1x with current information systems, complete tickets related to firewall and proxy exemptions, and troubleshoot network security-related issues.
•Shall configure, administer, and troubleshoot firewalls and BlueCoat ProxySG appliances and implement at network hardware technology, with particular emphasis on Cisco PIX, Cisco ASA, Cisco Routers, Juniper Netscreen, and Bluecoat ProxySG.
•Transition to application based firewalls.
•Assist with the development and documentation of recommendations for theater network operational policies, procedures, technical standards and guidelines.
•Maintain compliance of network device software versions and configuration in accordance with DISA STIG policy; devices shall be compliant within 30 days of policy updates.
•Implement approved network policies within two (2) hours of receipt.
•Begin troubleshooting security device problems within one (1) hour; resolve problems within six (6) hours.
•Requires Bachelor's degree in (field mathematics, telecommunications, electrical engineering, computer engineering, computer science) or two to four year of overall IT experience in lieu of a degree.
•Must have a Secret Clearance.
•Must have at least 7 years of experience with Enterprise level routing.
•Must possess at least 5 year of experience with Service Provider level routing.
•Must have IAT level III compliance per DOD 8570.