Sr. Firewall/VPN Design Engineer

Zachary Piper Solutions is currently seeking a Sr. Firewall/VPN Design Engineer to join a global mission supporting the Department of the NAVY. This important work will provide secure end-to-end information technology (IT) services to more than 400,000 hardware devices and 800,000 users in the U.S. and abroad. This is an on-site position on a multi year program located in Quantico, VA. This position requires an active Secret Clearance for consideration.

Key Responsibilities:

• Implement and monitor security measures for communication systems and networks while ensuring that systems and personnel adhere to established Government security requirements.
• Operate and design Host Based Security System (HBSS), Intrusion Prevention Systems, Intrusion Detection Systems, other point of presence security tools, and related security operations. Perform integration with Public Key Infrastructure (PKI) certificates and network accounts to support two-factor authentication for all Active Directory (AD) domain account categories and eliminate the need for password-based authentication.
• Design automated logging aggregation system that compresses, correlates, and provides 30 days of log data for analysis and audit from all sources.
• Design and integrate Computer Network Defense (CND) mechanisms, HBSS, and HBSS Device Control Modules at enterprise locations. Design Government provided components of HBSS to develop and maintain baseline.
• Design and Operate configuration and integration and ePolicy Orchestrator (ePO) Servers. Execute antivirus product integration, configuration and Intrusion prevention, Endpoint encryption, and Data Loss Prevention (DLP).
• Oversee Rights Management Services for administrators, users and groups. Design tasks associated with application networking ports and protocols, Information Assurance (IA), routing and Local Area Network (LAN).
• Perform standard Active Directory services plus the availability to use Windows Light Directory Access Portal (LDAP) services for network devices and appliances.

Requirements:

• 10+ years of overall IT experience
• Experience with the administration, maintenance, and utilization of HBSS and McAfee End-Point Security technologies
• Experience with Tanium and ACAS
• Experience with Navy/Marine Corps, Defense Information System Agency (DISA) and Joint interoperability of network design, integration and implementation is preferred
• Must possess DoD 8570 Certification in active status
• Active Secret Clearance required for consideration

Compensation to Include:

• Salary Range: $130,000 - $143,000 **depending on experience**
• Full Benefits: Cigna Medical, Dental, Vision, 401K, Paid Time off (PTO), Sick Leave if required by Law

This job posting opens on 4/11/25 and will remain open for at least 30 days from the job posting date

#LI-CB1

#LI-ONSITE

Keywords: Cybersecurity, Splunk, Splunk SPL, SPL, Network Forensics, Threat Hunting, Intrusion Detection, Log Analysis, SIEM (Security Information and Event Management), Malware Analysis, Network Traffic Analysis, Forensic Analysis, Threat Intelligence, Vulnerability Assessment, IDS/IPS (Intrusion Detection System/Intrusion Prevention System), PCAP Analysis, Network Security, Anomaly Detection, Endpoint Detection and Response (EDR), Cyber Threats, Cyber Attack, Threat Mitigation, Forensic Investigation, Digital Forensics, Security Incident, Data Breach, Advanced Persistent Threat (APT), Insider Threat, Security Policies, Compliance Management, Security Architecture, Security Operations, Incident Handling, Network Security Monitoring (NSM), Security Awareness Training, Security Risk Assessment, Threat Intelligence Platforms (TIP), Security Analytics, Insider Threat Detection, ACAS, ACAS scans, Tenable, CASP, CCNP, CISA, CISSP, GCED, GCIH, CCSP, HBSS, host based security system, disaster recovery, active directory