Cloud Network Engineer

Cloud Network Engineer

ZPS is looking to select a Cloud Network Engineer to support the US Department of the Treasury TCloud enterprise cloud development effort. This effort aims to facilitate holistic multi-cloud solutions to meet the Department of Treasury's enterprise-wide infrastructure needs. This position will be responsible for managing the configuration, installation and on-going support of the Network Infrastructure which includes Palo Alto firewalls, Cisco VPN Concentrators, Cisco CSR devices as well as Networking in cloud platforms such as Azure and OCI. The candidate for this position should have extensive hands-on technical skills designing and deploying various network technologies in cloud platforms. The scope of this position includes network design, implementation, and support for all components within cloud platforms. This position will need to be adept at monitoring the ongoing operation of the network and identifying potential issues and corrective actions as needed.

Responsibilities:

• In-Depth knowledge and hands-on experience with major cloud platforms, such as Azure, OCI and GCP.
• Comprehensive knowledge of cloud security best practices and ability to implement security measures within cloud networks.
• Strong understanding of networking protocols and technologies, including TCP/IP, DNS, DHCP, VPN, BGP and OSPF.
• Strong understanding of Virtual Private Clouds (VPCs) and subnets to meet the organization's performance and security requirements.
• Experience with software-defined networking (SDN) and virtual networking concepts.
• Experience with identity and access management (IAM) in cloud environments
• Experience with installation of various network devices and services (e.g., routers, firewalls, load balancers, VPN, QoS)
• Perform network maintenance and system upgrades including service packs, patches, hot fixes, and security configurations for any third-party network devices in cloud platforms.
• Work with the existing network administrators and engineers to manage, deploy, and troubleshoot firewalls, routers, VPN concentrators, and Network Access Control in cloud platforms.
• Monitor performance and ensure system availability and reliability
• Monitor system resource utilization, trending, and capacity planning
• Provide Level-2/3 support and troubleshooting to resolve issues

Requirements:

• Must be a US Citizen with the ability to obtain a Public Trust clearance
• Bachelors degree and four (4) years or more of related experience or Masters and two (2) or more years of related experience.
• Strong experience working with Terraform
• Need to have experience with AWS Security group deployment using Terraform
• Experience with cloud or on-prem devices such as Cisco and Palo Alto firewalls
• Working technical knowledge of TCP/IP networks and standards (IEEE 802.1)
• Must have experience with EKS Cluster.
• Working knowledge of DoD STIGs, and IA Vulnerability Management (IAVM)
• Experience with Palo Alto firewalls
• Experience configuring and troubleshooting Cisco IPsec (AES 256), Firewall, IPS, route-maps, and NACLs
• Strong knowledge and understanding of TCP/IP network technologies; DNS, DHCP, TFTP, NAT, and SSL.
• Participation in 24/7 on-call rotation is required for this role

Desired:

• Azure Fundamentals, GCP or Oracle Cloud Certifications
• CCNP or Higher (CCIE and/or CISSP highly valued)
• PaloAlto Networks Certifies Network Security Engineer (PCNSE)