Job Requirements
Springfield, VA
Top Secret/SCI CI Polygraph
Career Level not specified
$90,300 - $189,600
Job Description
Job Title: Lead Firewall Engineer
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: TS/SCI
Employee Type: Regular
Percentage of Travel Required: Up to 25%
Type of Travel: Continental US
* * *
The Opportunity:
TCS is looking for a Lead Firewall Engineer to oversee the NSS Boundary Team. This role will report directly to the Branch Chief of Cyber Technology Services. This position is responsible for maintaining compliance with quality assurance standards and ensuring service level agreements are met or exceeded within this service area.
Experience in reviewing, validating, and implementing requirements within enterprise Change Requests (CRQs) and determining impacts to network and cyber operations across the enterprise. This role is also responsible for providing technical oversight of troubleshooting efforts and solutions development executed by the subordinate team.
Responsibilities:
Serve as the focal point for all firewall tasks, operations, and projects
• Lead, direct, and manage execution of all daily operations, troubleshooting, and maintenance activities of the NSS Boundary work center.
• Design, implement Manage security solutions using F5, Juniper SRX, and Palo Alto for project-based requirements.
• Ensure systems, devices, and application under your responsibility and span of control meet applicable STIG/SRG and organizational configuration baselines
• Lead regular compliance evaluations and audits
• Develop, oversee, maintain, and enforce configuration management processes, Standard Operational Procedures (SOPs), and other documentation as needed/required.
• Monitor platform performance, logs, software version(s), and configuration drift to identify and mitigate performance, compliance, and security issues.
• Develop and maintain network architecture diagrams, inventories, and licensing status for the various capabilities within the scope of the team.
• Provide written reports and oral briefings to contract and government leadership
• Coordinate issues with the appropriate stakeholders to ensure task completeness and overall customer satisfaction.
• Provide recommendations on newly submitted customer requests.
• Evaluate and report on new/emerging network/communication technologies to enhance capacity, performance and reliability of the network.
• Evaluate and recommend changes and/or technology upgrades to address performance, standardization and industry best practices.
• Conduct performance assessments, mentor, and coach personnel.
Qualifications:
• Security Clearance: Active TS/SCI
• Demonstrated knowledge in planning, directing, and managing a Firewall / Boundary Security Team in an organization similar in size
• Firewall experience within the DoW or IC
• Demonstrated knowledge of implementation of Perimeter and Internal Firewalls (both physical and virtual contexts)
• Demonstrated advanced experience in managing baseline configurations across numerous firewalls
• Demonstrated advanced experience in evaluating rules to ensure maximum security while minimizing redundancy and processing overhead
• Demonstrated experience with researching and fielding new and innovative firewall technology
• Experience with F5 platforms/technologies (APM, AFM, SSLO, etc.)
• Experience with Palo Alto platforms/technologies (Threat Prevention, Wildfire, URL Filtering, Global Protect)
• Experience with Juniper SRX platforms/technologies
• Experience with Online Certificate Status Protocol OCSP revocation
• Familiar with DoD PKI, Kerberos, LDAP, Active Directory, Authentication (SAML, OAuth)
• Ability to describe and troubleshoot TLS/SSL handshake/connection issues
• Network design, engineering, and implementation (Advanced Level)
• Creation of network related Rough Order Magnitude (ROM) equipment lists and costing, Level of Effort (LOE) estimation for labor
• Understanding of DoW, DISA, and IC standards and processes
• Ability to work weekends and evening hours as needed
• Ability to obtain and maintain a CI polygraph
• DoD 8140.01 and DoD 8570.01-M IAT Level II compliant certification (current). Must be able to successfully obtain/maintain CSSP Infrastructure Support certification within 120 days.
Desired:
-
What You Can Expect:
A culture of integrity.
At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation.
An environment of trust.
CACI values the unique contributions that every employee brings to our company and our customers - every day. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.
A focus on continuous growth.
Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground - in your career and in our legacy.
Pay Range :
There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.
Since this position can be worked in more than one location, the range shown is the national average for the position.
The proposed salary range for this position is:
$90,300-$189,600
CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.
Job Category: Information Technology
Time Type: Full time
Minimum Clearance Required to Start: TS/SCI
Employee Type: Regular
Percentage of Travel Required: Up to 25%
Type of Travel: Continental US
* * *
The Opportunity:
TCS is looking for a Lead Firewall Engineer to oversee the NSS Boundary Team. This role will report directly to the Branch Chief of Cyber Technology Services. This position is responsible for maintaining compliance with quality assurance standards and ensuring service level agreements are met or exceeded within this service area.
Experience in reviewing, validating, and implementing requirements within enterprise Change Requests (CRQs) and determining impacts to network and cyber operations across the enterprise. This role is also responsible for providing technical oversight of troubleshooting efforts and solutions development executed by the subordinate team.
Responsibilities:
Serve as the focal point for all firewall tasks, operations, and projects
• Lead, direct, and manage execution of all daily operations, troubleshooting, and maintenance activities of the NSS Boundary work center.
• Design, implement Manage security solutions using F5, Juniper SRX, and Palo Alto for project-based requirements.
• Ensure systems, devices, and application under your responsibility and span of control meet applicable STIG/SRG and organizational configuration baselines
• Lead regular compliance evaluations and audits
• Develop, oversee, maintain, and enforce configuration management processes, Standard Operational Procedures (SOPs), and other documentation as needed/required.
• Monitor platform performance, logs, software version(s), and configuration drift to identify and mitigate performance, compliance, and security issues.
• Develop and maintain network architecture diagrams, inventories, and licensing status for the various capabilities within the scope of the team.
• Provide written reports and oral briefings to contract and government leadership
• Coordinate issues with the appropriate stakeholders to ensure task completeness and overall customer satisfaction.
• Provide recommendations on newly submitted customer requests.
• Evaluate and report on new/emerging network/communication technologies to enhance capacity, performance and reliability of the network.
• Evaluate and recommend changes and/or technology upgrades to address performance, standardization and industry best practices.
• Conduct performance assessments, mentor, and coach personnel.
Qualifications:
• Security Clearance: Active TS/SCI
- 10+ years related technical experience network security technologies, tools, and techniques
- 5 + years' experience with large-scale enterprise/global networks in a high paced diverse environment
- Understanding and experience with the DoD Architecture Framework and other key DoD network architecture and strategic planning instructions
• Demonstrated knowledge in planning, directing, and managing a Firewall / Boundary Security Team in an organization similar in size
• Firewall experience within the DoW or IC
• Demonstrated knowledge of implementation of Perimeter and Internal Firewalls (both physical and virtual contexts)
• Demonstrated advanced experience in managing baseline configurations across numerous firewalls
• Demonstrated advanced experience in evaluating rules to ensure maximum security while minimizing redundancy and processing overhead
• Demonstrated experience with researching and fielding new and innovative firewall technology
• Experience with F5 platforms/technologies (APM, AFM, SSLO, etc.)
• Experience with Palo Alto platforms/technologies (Threat Prevention, Wildfire, URL Filtering, Global Protect)
• Experience with Juniper SRX platforms/technologies
• Experience with Online Certificate Status Protocol OCSP revocation
• Familiar with DoD PKI, Kerberos, LDAP, Active Directory, Authentication (SAML, OAuth)
• Ability to describe and troubleshoot TLS/SSL handshake/connection issues
• Network design, engineering, and implementation (Advanced Level)
• Creation of network related Rough Order Magnitude (ROM) equipment lists and costing, Level of Effort (LOE) estimation for labor
• Understanding of DoW, DISA, and IC standards and processes
• Ability to work weekends and evening hours as needed
• Ability to obtain and maintain a CI polygraph
• DoD 8140.01 and DoD 8570.01-M IAT Level II compliant certification (current). Must be able to successfully obtain/maintain CSSP Infrastructure Support certification within 120 days.
Desired:
- BS or MS degree in Computer Science, Cyber Security, Network Security or related field
- F5 Networks certifications
- Juniper JNCIS/JNCIP, Palo Alto PCNSE (or equivalent)
-
What You Can Expect:
A culture of integrity.
At CACI, we place character and innovation at the center of everything we do. As a valued team member, you'll be part of a high-performing group dedicated to our customer's missions and driven by a higher purpose - to ensure the safety of our nation.
An environment of trust.
CACI values the unique contributions that every employee brings to our company and our customers - every day. You'll have the autonomy to take the time you need through a unique flexible time off benefit and have access to robust learning resources to make your ambitions a reality.
A focus on continuous growth.
Together, we will advance our nation's most critical missions, build on our lengthy track record of business success, and find opportunities to break new ground - in your career and in our legacy.
Pay Range :
There are a host of factors that can influence final salary including, but not limited to, geographic location, Federal Government contract labor categories and contract wage rates, relevant prior work experience, specific skills and competencies, education, and certifications. Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives. We offer competitive compensation, benefits and learning and development opportunities. Our broad and competitive mix of benefits options is designed to support and protect employees and their families. At CACI, you will receive comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.
Since this position can be worked in more than one location, the range shown is the national average for the position.
The proposed salary range for this position is:
$90,300-$189,600
CACI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, age, national origin, disability, status as a protected veteran, or any other protected characteristic.
group id: caci
CACI Careers – Your potential is limitless. So is ours.
