Network Security Engineer

---

Job description

Candidate MUST possess a TS/SCI clearance with Intel Polygraph

Mandatory Requirements:
" Bachelor's degree in computer science, Engineering, Information Technology, or equivalent experience
" 15+ years of demonstrated experience as a System Engineer/Data Security focusing on Zero Trust technology
" Experience building and deploying infrastructure using Automation tools such as Linux scripting, Python and PowerShell
" Expertise in defining and enforcing data retention policies aligned with government regulations, ensuring data availability and compliance with Zero Trust security measures
" Knowledge of strong authentication methods such as multi-factor authentication (MFA), biometric authentication, and smart card authentication for robust identity verification
" Extensive experience in implementing encryption solutions for data at rest, in transit and in use, leveraging cryptographic algorithms and key management aligned with Zero Trust principles
" Proficiency in data security technologies, including encryption tools, access control mechanisms, and other data-centric security tools
" Understanding of encryption in transit, function and design
" Ability to create and manage TLS certificates both through Windows certificate services and the creation and management of self-signed certificates
" Deep-level understanding of Windows Active Directory, as well as the ability to configure/edit Windows Active Directory and Domain Services
" Ability to effectively use and manage Splunk to find vulnerabilities, security incidents, and understand how security rules are written across infrastructure
" Expertise implementing system logging to include network device, Windows, and Linux logging
" Effectively manage and operate Privilege Access Management (PAM) software
" Ability to manage and use secrets management tools such as Ansible secrets vault, Hashicorp Vault or equivalent
" Adept at configuring Linux servers for both local user authentication with varying levels of root privileges and also joining Linux servers to a domain and configuring the correct least privilege permissions needed for the environment
" Ability to manage and design a multi-factor authentication (MFA) environment for both domain joined and stand-alone machines using Yubikey, RSA tokens, or equivalent
" Expertise managing network segmentation and redirection utilizing iptables, nftables, Illumio, or equivalent solutions
" Understanding of the difficulties involved in performing all tasks on-premises in a highly secure isolated network environment, prioritizing least privilege, network isolation, and following Zero Trust principles
" Analyze customer requirements and provides solutions to a variety of technical problems of varying degrees of complexity
" Familiarity of Enterprise Vulnerability Scanning tools, including the ability to interpret and remediate findings
" Good communication and presentation skill to convey complex technical concepts to both technical and non-technical customers

Desired Requirements:
" Systems administration and IT certification in Linux, Microsoft, or other network related fields
" Experience using VMWare and other virtualization technologies

MUST be a US Citizen with a U.S. Government clearance - Intel with Polygraph

NOTE: Must have an active TS-SCI with poly. No sponsorships or upgrades are available. Submissions without this requirement will not be considered. H1-B holders will not be considered.

Benefits:
Up to 5 week paid vacation + 10 gov't holidays
Up to 15% contribution to 401k
LTD, STD disability and life insurance
Paid health, dental, and vision for employee and family.
$5000 annual training expense reimbursement
Computer purchase plan

<!– job description page –>