Network Security Engineer with Security Clearance

MUST HAVE experience with SCCM and PowerShell Scripting. Designs, plans, and builds communications networks. Configures routers and switches, and firewalls for LAN and WAN systems and VPN concentrators with appropriate network engineering and communications protocols. Coordinates LAN/WAN hardware/software improvements and/or enhancements. Monitors the network utilizing industry leading technologies. Provides innovative methods and technical solutions using the engineering design process. Plans implementation of enhancements. Develops cyber control solutions, performs remediation of cyber incidents. Performs all procedures necessary to ensure the safety of information system assets and to protect systems from intentional or inadvertent access or destruction. Leads Risk Management Framework efforts. Associated tasks include;
1. Performs Computer Security Incident Response activities for a large organization, coordinates with other government agencies to record and report incidents. Performs maintenance and upgrade of networks including servers, routers, switches, firewalls, remote access systems, and networks.
2. Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation. Experience with DISA STIG compliancy and use of SSC tool and knowledge of CKL review and mitigation process.
3. Up to date on current CISCO security advisories and responses.
4. Evaluate firewall change requests and assess organizational risk. Knowledge of firewalls, encryption and security best practices.
5. Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
6. Assists with implementation of counter-measures or mitigating controls.
7. Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices. Understands the leveraging triple A - Authentication, Authorization, Accounting framework. Understands management sessions and limit users to specific, administrator defined commands and log all commands.
8. Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance. Knowledge on centralized log collection and monitoring. Able to configure layer 2 and 3 devices to generate logs.
9. Prepares incident reports of analysis methodology and results. Experience gaining traffic visibility with netflow.
10. Serves as a technical team or task leader. May coach and provide guidance to less-experienced professionals.
11. Maintains current knowledge of relevant technology as assigned.
12. Participates in special projects as required.
13. Experience with configuration management and generation of configuration archives for backup and rollback.
14. In depth networking knowledge with VPN, IPSEC & GRE tunnels, switching and routing within a WAN and LAN.