Senior Firewall Engineer Job Listing at SAIC in Springfield, VA (Job ID 2611791)

Description

Description

The Network Technologies Business Unit currently has an opening for a Senior Firewall Engineer to support a Department of State (DoS) Bureau of Diplomatic Technology (DT) program. This position is for engineering and design of firewall solutions for on-prem and cloud based networks as well as integrations between the two. It requires hands-on expertise, leadership of engineers, and engagement with senior customer leadership.

This program provides transparent, interconnected systems and security supporting the DoS in successfully carrying out its U.S. foreign policy mission. DT provides enterprise architecture design, engineering, operations and maintenance support services for desktops, servers, networks, firewalls, and enterprise applications across the Department. Program is named "Vanguard 2025" and is an IT consolidation consisting of the Department's servers, mainframes, network devices, network perimeter, anti-virus engineering, public key infrastructure (PKI)/biometrics/encryption, monitoring tools, telephony, mobile computing platform, virtual environment, and enclave design/security engineering.
 

This role is hybrid onsite (Springfield, VA) 
 

Description of Duties:

• Evaluates, designs, documents, and performs problem isolation and resolution, monitors, tunes, sets standards and maintains a range of firewall and firewall related products..
• Provides client consulting and training on the design and use of the firewall systems and architectures.
• Uses monitoring, performance analysis, network management, software and hardware equipment to troubleshoot and isolate problems; gauge performance and activity. 
• Work with Architects to design and engineer solutions to operational problems within the capacity and operational limitations of installed solutions.
• May develop contingency plans for firewall related hardware failures including isolated and major outages.
• Provides internal consulting, technical guidance, information and support to application developers, computer operations, management, and departmental clients.
• Plan, research, evaluate and recommend new firewall and related technologies – hardware and software.

Qualifications

Required Education & Experience:

• Bachelors and fourteen (14) years or more experience; Masters and twelve (12) years or more experience;may accept addtional experience in lieu of degree.
• Expertise in designing scalable, secure, and high-performance enterprise firewall architectures, including solutions leveraging: Palo Alto, A10, F5, Fortinet, and other platforms
• 10 years firewall engineering experience (Tier III and above) within large, complex networks.
• Strong understanding of TCP/IP, IP addressing, subnetting, VLANs, and routing protocols (BGP, OSPF)
• Experience implementing firewall solutions with Azure, Azure-S, AWS, AWS-S and other cloud providers.
• Designing and implementing complex access control lists (ACLs), security rules, and NAT rules to control traffic flow
• Strong experience in design/support/troubleshoot large/complex networks end-to-end.
• Design, test, and implement firewall and load balancer configurations including: traffic distribution type, SSL termination, pool members and session affinity

Preferred Experience, Skills. & Attributes:

• Firsthand experience in developing and providing quality assurance review of engineering change orders relating to the replacement or enhancement of perimeter security hardware and software.
• Experienced with performing root cause analysis, risk identification, and risk mitigation.
• Experience supporting the government customers in secure environments, familiarity of NIPRNET and SIPRNET operating standards and applicable guidelines.
• DNS / Infoblox experience
• Familiarity with automation tools and scripting languages (e.g., Python, Ansible) to streamline network operations and reduce manual tasks
• Familiarity with DoS network environments, IT security systems, policies and procedures
• Interpersonal skills including the ability to collaborate effectively, self-awareness, and excellent presentation skills.
• Professional certifications such as: PCNSE (Certified Next-Generation Firewall Engineer),CCSA (Certified Security Administrator) or CCSE (Certified Security Expert). CCNP Security or CCNA. Fortinet (FCP/FCSS),

Required Clearance:

• US Citizenship.
• Active Top Secret Clearance.