About Lumen Lumen connects the world. We are igniting business growth by connecting people, data and applications - quickly, securely, and effortlessly. Together, we are building a culture and company from the people up - committed to teamwork, trust and transparency. People power progress.
We're looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future.
The Role The Department of the Interior (DOI) has embarked in the modernization of the network infrastructure through the development and implementation of Zero Trust Architecture (ZTA), Trusted Internet Connection 3.0 (TIC3.0), and Secure Access Service Edge (SASE). Using a technical architecture that takes advantage of the distributed TIC 3.0 concepts and SASE technologies, DOI is moving from the existing Virtual Private Network (VPN) access to a cloud-based access model. As a result, the Department is deploying the Palo Alto SASE solution, Prisma Access, which provides secure internet access for users by filtering web traffic and protecting against web-based threats, cloud-based firewall solutions that enables enforcement, as well as secure access to applications and data for authorized users, devices, and applications. This modernization effort will afford DOI the opportunity to move high value assets to the cloud, reduce the costs of the existing Internet gateways, extend enterprise security beyond the edge, while minimizing the overall cost of network circuitry.
The deployment and support of the Prisma Access solution requires a great deal of expertise in designing, implementing, troubleshooting, and documenting network security infrastructures and related systems. This position servers as the SASE Security Administrator responsible for providing technical analysis, planning, engineering, and implementation in the field of network security. The contractor will serve as the expert in enterprise network and cyber security infrastructure, ensuring the efficient and effective implementation of network security solutions. The position requires expertise in network and cyber security hardware and software, including routers, firewalls, and Intrusion Detection/Intrusion Prevention devices. The candidate will be working with a cross-functional team comprised of technical experts from DOI, Lumen, Palo Alto, and other organizations in the transition of the Prisma Access solution from the pilot project to securely connecting all DOI users to the production applications they need.
The Main Responsibilities - Conduct technical analysis and provide expertise in network security planning, engineering, and administration.
- Serve as the expert in enterprise network and cyber security infrastructure, collaborating with cross-functional teams.
- Analyze implementation techniques and tools to identify the most efficient solutions for network security problems.
- Coordinate third-party maintenance for network and cyber security equipment and troubleshoot problems.
- Validate network security design and assess newly released equipment software and operating systems for vulnerabilities.
- Provide specifications and detailed schematics for unified network architecture.
- Monitor and detect potential performance and throughput issues, developing risk mitigation solutions.
- Provide guidance to team members and report status metrics to the Government officials.
- Provide third-level support and troubleshooting for network problems, including after-hours and weekend support.
- Assist the DOI SOC and cyber defense and response teams during security incidents, involving timely configuration changes to SASE and participation in significant incident bridges.
- Support user access in the Lumen SASE portal based on least privilege roles and provide operations training and support as needed.
- Provide guidance, assistance, and recommendations to determine new technical services and solutions for DOI.
- Development of configurations, troubleshooting, and best practices to DOI and stakeholders.
- Expedite and escalate service issues for a quick resolution.
- Manage support cases to ensure issues are recorded, tracked, resolved, and follow-ups are completed promptly.
- Utilize fault isolation and root cause analysis skills to provide DOI and stakeholders with post-sales technical support, configuration, troubleshooting, and standard methodologies.
- Identify product defects and work with Lumen and Palo Alto via lab replication for root cause analysis.
- Work with Lumen and Palo Alto to develop and deliver bug fixes.
What We Look For in a Candidate - Hands-on experience with one or more of the following Next-Gen firewalls: Barracuda, Juniper, Cisco, Check Point, or Palo Alto.
- Extensive experience implementing and maintaining firewalls and staying updated on any released security vulnerabilities and how they affect the network.
- Extensive experience performing on-going optimization of the network security devices to ensure adequate capacity, availability, and scalability.
- Experience designing, implementing, troubleshooting, managing, and documenting network security infrastructures and related systems.
- Demonstrated ability to participate in the Change Management process including creating new change requests, reviewing submitted change forms, peer reviewing submitted change requests, implementing firewall changes and peer reviewing firewall changes.
- Expertise in modifying firewall rule sets, changing policies, whitelisting, content filtering, and troubleshooting issues by studying network traffic flows, locking down applications, and troubleshooting firewalls, routers, and switches.
- In-depth knowledge of layer 4-7 app aware firewalls.
- Experience establishing and modifying site-to-site VPNs.
- Ability to manage threat protection, URL blocking, IOC feeds, routers, and switches.
- Experience performing monthly firewall health checks.
- Experience developing detailed build and test plans for implementing firewalls and other security appliances.
- Palo Alto Networks Certified Network Security Administrator (PCNSA) AND/OR (PCNSE) certification
- 10+ years of experience in designing and deploying advanced support of enterprise networks and security solution architectures.
- 3+ years of experience in Palo Alto PRISMA Cloud preferred.
- Extensive knowledge of data security practices and systems; NIST, ISO, etc.
- Strong ability to independently debug broad, complex, and unique networks with mixed media and protocols required.
- Ability to interact with customers, vendors, and project managers regularly to support implementations, change management and troubleshooting.
- Experience working in a leading ticketing system and prioritizing workflow based on criticality and urgency.
- Excellent communication and teamwork skills.
- Ability to obtain/maintain Public Trust Suitability through a background investigation.
Compensation This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors.
Location Based Pay Ranges:
$103,711 - $138,281 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY.
$108,896 - $145,195 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI.
$114,082 - $152,109 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA.
Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process.
Learn more about Lumen's:
Requisition : 337945
Background Screening If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Equal Employment Opportunities We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits . click apply for full job details