Job Requirements
Scott Air Force Base, IL
Secret Polygraph not specified
Senior Level Career (10+ yrs experience)
$140,000 - $150,000
Job Description
Job Description
Our client is seeking a Lead Network Engineer to work on-site at Scott AFB. The selected candidate shall provide network analysis, design, implementation, and troubleshooting services to engineer, evaluate, and recommend secure network solutions that meet mission requirements and optimize network/system performance.
This position supports secure, multi-transport hub-and-spoke architectures in direct support of deployable aviation platforms and ground network environments.
A Secret clearance is required to be considered for the position.
Responsibilities:
Responsible for the design, implementation, testing, operations, and maintenance of secure enterprise and deployable network architectures.
Specific responsibilities include:
Engineer and maintain Cisco IOS-XE routing platforms in complex hub-and-spoke environments
Implement and troubleshoot IKEv2/IPSEC (FlexVPN) secure overlay architectures
Design and support Front-Door VRF (FVRF) architectures for multi-transport WAN environments
Configure and validate BGP peering, route filtering (prefix-lists/route-maps), and community-based policy control
Support integration and troubleshooting with Type I encryption devices (e.g., TACLANE KG-175 series)
Analyze and resolve Security Association (SA) establishment and encrypted traffic flow issues
Validate traffic symmetry and PACE-based failover behavior across multiple transport paths
Build and replicate production scenarios in lab environments (GNS3, CML, virtual routers) prior to deployment
Develop and execute structured test plans for new integrations, enhancements, and issue reproduction
Provide advanced troubleshooting across routing, encryption, transport, and policy layers
Produce clear, structured technical documentation and network diagrams
Collaborate across engineering, operations, and mission stakeholders to support secure communications environments
Qualifications
Equipment / Tool Familiarity:
Cisco IOS-XE routers and switches
Palo Alto firewalls
General Dynamics TACLANE KG-175 series (Type I encryption devices)
BGP, OSPF, and EIGRP routing protocols
IPSEC / IKEv2 / FlexVPN architectures
Multi-transport WAN architectures (commercial SATCOM familiarity preferred)
Network monitoring and logging platforms (Splunk, SolarWinds)
VMware virtualized environments
Cisco Identity Services Engine (ISE)
Spectracom SecureSync (NTP servers)
Cisco voice technologies (CUCM, CUBE, CME) - familiarity preferred
Technical Skills:
Strong understanding of hub-and-spoke network design principles
Experience implementing secure encrypted overlays across diverse transport mediums
Advanced troubleshooting of IPSEC/IKEv2 and BGP interactions
Experience implementing route filtering and policy enforcement using prefix-lists and route-maps
Ability to analyze routing asymmetry and traffic path selection
Familiarity with multi-transport resiliency models and PACE-based routing strategies
Ability to independently design, test, validate, and implement network changes
Strong analytical and problem-solving skills
Strong and ample experience documenting and diagramming network architectures
Exposure to network automation frameworks (Python, Ansible, structured configuration templates) – strongly preferred
Education:
BA/BS + 7 years of experience
Certifications:
CCNP Required (CCNP needed for the Lead, CCNA is fine for the Sr position)
Must meet 8140 IAT II certification
Desired:
CCIE, CISSP, Palo Alto certifications, Cisco voice/security certifications
Our client is seeking a Lead Network Engineer to work on-site at Scott AFB. The selected candidate shall provide network analysis, design, implementation, and troubleshooting services to engineer, evaluate, and recommend secure network solutions that meet mission requirements and optimize network/system performance.
This position supports secure, multi-transport hub-and-spoke architectures in direct support of deployable aviation platforms and ground network environments.
A Secret clearance is required to be considered for the position.
Responsibilities:
Responsible for the design, implementation, testing, operations, and maintenance of secure enterprise and deployable network architectures.
Specific responsibilities include:
Engineer and maintain Cisco IOS-XE routing platforms in complex hub-and-spoke environments
Implement and troubleshoot IKEv2/IPSEC (FlexVPN) secure overlay architectures
Design and support Front-Door VRF (FVRF) architectures for multi-transport WAN environments
Configure and validate BGP peering, route filtering (prefix-lists/route-maps), and community-based policy control
Support integration and troubleshooting with Type I encryption devices (e.g., TACLANE KG-175 series)
Analyze and resolve Security Association (SA) establishment and encrypted traffic flow issues
Validate traffic symmetry and PACE-based failover behavior across multiple transport paths
Build and replicate production scenarios in lab environments (GNS3, CML, virtual routers) prior to deployment
Develop and execute structured test plans for new integrations, enhancements, and issue reproduction
Provide advanced troubleshooting across routing, encryption, transport, and policy layers
Produce clear, structured technical documentation and network diagrams
Collaborate across engineering, operations, and mission stakeholders to support secure communications environments
Qualifications
Equipment / Tool Familiarity:
Cisco IOS-XE routers and switches
Palo Alto firewalls
General Dynamics TACLANE KG-175 series (Type I encryption devices)
BGP, OSPF, and EIGRP routing protocols
IPSEC / IKEv2 / FlexVPN architectures
Multi-transport WAN architectures (commercial SATCOM familiarity preferred)
Network monitoring and logging platforms (Splunk, SolarWinds)
VMware virtualized environments
Cisco Identity Services Engine (ISE)
Spectracom SecureSync (NTP servers)
Cisco voice technologies (CUCM, CUBE, CME) - familiarity preferred
Technical Skills:
Strong understanding of hub-and-spoke network design principles
Experience implementing secure encrypted overlays across diverse transport mediums
Advanced troubleshooting of IPSEC/IKEv2 and BGP interactions
Experience implementing route filtering and policy enforcement using prefix-lists and route-maps
Ability to analyze routing asymmetry and traffic path selection
Familiarity with multi-transport resiliency models and PACE-based routing strategies
Ability to independently design, test, validate, and implement network changes
Strong analytical and problem-solving skills
Strong and ample experience documenting and diagramming network architectures
Exposure to network automation frameworks (Python, Ansible, structured configuration templates) – strongly preferred
Education:
BA/BS + 7 years of experience
Certifications:
CCNP Required (CCNP needed for the Lead, CCNA is fine for the Sr position)
Must meet 8140 IAT II certification
Desired:
CCIE, CISSP, Palo Alto certifications, Cisco voice/security certifications
group id: 10105424
Accelerating IT transformation in the public sector
