Tier III Network Security Engineer

Overview By Light is hiring a Tier III Network Security Engineer (IPSec) to join our team. Key elements of this position include: Conducting analysis and assessments on new emerging technologies; developing and recommending functional design solutions to meet stakeholder requirements; providing Tier III support to the Joint Network Operations Center (JNOC); developing, engineering, and recommending hardware and software solutions; and conducting cybersecurity mitigations on design solutions to comply with Risk Management Framework (RMF) cybersecurity requirements. Responsibilities Provide firewall, routing and switching support with hands on experience designing, testing, and implementing IGP, EGP, MPLS, VRF, and NFV/Service Chaining on an enterprise network to meet security, performance, operational, and functional requirements.
Ensure proper routing protocols are being applied to optimize the end-to-end network performance from the LAN, through a WAN, to a CAN, to a SAN, or a data center.
Assist the government with identifying any derived design objectives, technical specifications, performance requirements, and interoperability specifications to ensure the system design will meet stakeholder end-to-end requirements.
Develop, review, and update briefings, papers, or spreadsheets in support of this task.
Develop and implement firewall/router access rules, NAT policies, VPN technology, 802.1x, and radius protocols within the JCSE enterprise.
Develop, implement, and support the overall network security architecture on the JCSE enterprise.
Support development and test of equipment including monitoring server/hardware usage and up-time.
Provide direction in complex problem-solving situations and participate in direct interaction with internal staff as required.
Identify process improvement opportunities achievable through the optimum use of the servers. Design, implement and maintain a consistent backup and disaster recovery plan.
Perform vulnerability and risk analyses of security hardware and applications during all phases of the system development life cycle.
Collaborate with operations, QA, and third-party data centers to provide technical direction on network topologies, server configurations, hardware/software deployments, firewall configurations and other administrative tasks related to the staging and maintenance of company development, testing and production server and network stacks. Required Experience/Qualifications Current DoD 8570 IAT Level II certification (CompTIA Security+ce, CCNA Security, CySA+, etc.)
CCNP Security or CASP Certification Required
This position requires the candidate have a strong understanding of VPN technologies, IPSec, RA/CA process and authorities. Special Requirements/Security Clearance Minimum Secret clearance