Network Engineer

The Swift Group is a privately held, mission-driven and employee-focused services and solutions company headquartered in Reston, VA. Our capabilities include Software Development, Engineering & IT, Data Science, Cyber Enablement, Logistics, and Training. Founded in 2019, Swift supports Civilian, Defense, and Intelligence Community customers across the country and around the globe.

We're looking for a highly experienced Network Engineer to design, implement, and sustain complex, mission-critical networks. The ideal candidate brings 8+ years of hands-on experience engineering and operating complex IP networks, with expertise in routing and switching, network security, and cloud-integrated architectures.

The location of this job is Herndon, VA.

Responsibilities:

• Network Architecture & Design: Design, implement, and manage complex enterprise and service-provider scale IP networks spanning LAN, WAN, and cloud environments.
• Routing & Switching: Plan, configure, and optimize dynamic routing protocols including BGP, OSPF, EIGRP, and IS-IS; implement and tune advanced switching features including STP, LACP, VTP, and 802.1Q trunking.
• MPLS & Transport Services: Design and deliver MPLS/BGP transport services and manage integrations between service providers and customer environments.
• Network Security: Harden network infrastructure and enforce security controls including next-generation firewalls, VPNs, ACLs, network segmentation, and Zero Trust principles; serve as a collaborative partner to Cybersecurity teams.
• Automation & DevOps: Automate provisioning, configuration management, and validation using tools such as Ansible, Python, and Terraform; contribute to CI/CD pipelines and infrastructure-as-code practices.
• Cloud & Hybrid Networking: Implement and support SD-WAN, SDN, and network virtualization (NFV) solutions; architect and manage cloud networking environments across AWS, Azure, and/or on-premises hybrid deployments.
• Network Access Control: Implement and manage Network Access Control (NAC) technologies to enforce endpoint compliance policies and control access to sensitive network segments.
• Operations & Incident Response: Serve as the Tier 3/4 escalation point for complex network incidents; perform root cause analysis, lifecycle maintenance, capacity planning, and performance tuning.
• Technical Documentation & Briefings: Produce and maintain network designs, architecture diagrams, implementation plans, change management documentation, and after-action reports; present technical findings and recommendations.
• Mentorship & Standards: Provide technical mentorship to junior engineers and contribute to the development of organizational engineering standards, playbooks, and best practices.

Requirements:

• BS in Computer Science, Information Technology, Network Engineering, or a related technical field, or equivalent professional experience
• 8+ years of hands-on experience designing, implementing, and operating enterprise-grade IP networks
• Deep expertise in routing protocols (BGP, OSPF, EIGRP, IS-IS) and switching technologies (STP, LACP, VTP, 802.1Q)
• Proficiency with Cisco platforms (routers, switches, ASA/Firepower firewalls); experience with additional vendors (Juniper, Palo Alto, Aruba) a plus
• Experience designing and operating secure network architectures including firewall policy, VPN technologies (IPsec, SSL), ACLs, and network segmentation
• Demonstrated experience with network automation tools and scripting (Ansible, Python, or similar); familiarity with infrastructure-as-code practices
• Experience with SD-WAN/SDN solutions and cloud networking (AWS, Azure, and/or GCP)
• Familiarity with NAC platforms (e.g., Cisco ISE, Aruba ClearPass) and endpoint access control policy enforcement
• Ability to produce clear and thorough technical documentation, network diagrams, and design presentations for both technical and non-technical audiences
• US citizenship and an active [Clearance Level] security clearance required

Desired Experience:

• Active CCNP, CCIE, JNCIE, or equivalent professional network engineering certification
• Experience with MPLS transport services and inter-provider BGP peering
• Background operating satellite, wireless, or tactical communications networks in support of government or military missions
• Familiarity with voice and video over IP (VoIP/VTC) infrastructure including SIP, H.323, and QoS engineering
• Experience hardening networks to meet security standards and supporting system accreditation processes (RMF/ICD 503)
• Exposure to IPv6 design and dual-stack migration planning
• Prior experience with network forensics, packet analysis (Wireshark, tcpdump), and supporting incident response or intrusion analysis activities
• Experience with large-scale multi-tenant or high-availability network environments in a cleared government or IC context
• Familiarity with DISA STIGs and DoD/IC network security compliance frameworks

Do you know anyone for this position, or other positions open at The Swift Group? We offer a $5,000 bonus for any referral candidate we hire, paid out at the new hire's 90-day mark.

We are not working with outside staffing agencies to fill this position, and we will not be accepting unsolicited resumes. All inquiries must go through the recruiting team.

#LI-DI1

#Onsite