Leidos Corporate Group has an immediate opening for a Network Security Engineer to join our Cyber Information Security team.
In this role, you will be responsible for the design, documentation, deployment, and maintenance of enterprise network security solutions such as firewalls, tap aggregation, packet capture, content filtering and cloud security tools. We're looking for a candidate who can support this role from one of our following locations: Orlando - FL, Reston - VA, or Gaithersburg - MD.
Initially, this position will be working on a refresh and re-architecture project for our 300+ locations. Travel in this position is rare, and typically no more than a few weeks a year.
- Play a key role in the overall network security system design for large scale IP networks with over 40K nodes including Internet PoP security and DMZ segmentation.
- Maintain and enhance the standing security systems, deploy new security capabilities, and provide security engineering services to non-security specific IT efforts. Maintenance responsibility will include helping to ensure firewall, content filtering, IPS and cloud security tool policies are being updated in accordance with established standards, capacity planning and handling engineering level problems (problem management).
- Work with the Network Security Operations team to ensure proper operational management of enterprise network security systems.
- There is no on-call rotation, but will occasionally be required to work nights and/or weekends for escalation support or to meet project requirements.
- Bachelor's Degree and 8+ years of relevant experience, including 4+ years of experience in an enterprise security or infrastructure engineering role. Additional years of relevant experience, training, and/or professional certifications will be considered in lieu of Bachelor's degree
- US citizenship is required and eligible for federal security clearance
- Experience designing, deploying and maintaining enterprise class firewall solutions (additional experience, education or training may be considered).
- Experience designing, deploying and maintaining enterprise class forward proxy and content filtering solutions
- Strong knowledge of the OSI 7-layer model
- Strong knowledge of TCP/IP and common application layer protocols
- Strong communication skills; person in this role must be able to successfully communicate with management personnel, technical personnel and third parties
- Experience with common enterprise firewall vendors such as Check Point, Palo Alto, Juniper or Cisco/Sourcefire
- Experience with common enterprise class packet capture solutions such as Security Analytics and Netwitness
- Experience with common enterprise forward proxies such as Zscaler, Symantec/BlueCoat, ForcePoint/WebSense, McAfee or F5
- Experience with a firewall policy management tool such as Tufin, Algosec or Firemon
- Experience in Linux system administration desired
- Experience in programming and/or scripting desired
- Experience in configuration management tools such as Ansible, Puppet, or Chef
- Knowledge of Microsoft Active Directory desired
- Experience with cloud IaaS solutions such as Microsoft Azure or Amazon AWS
- Possess one of the following certifications: Palo Alto Certifications, Juniper Certification, Cisco Certifications (CCNA, CCNP, CCIE), Check Point Certifications, SANS Certifications (GIAC, etc), RedHat Certifications