Job Requirements
McLean, VA
Secret Polygraph not specified
Mid Level Career (5+ yrs experience)
Salary not specified
Job Description
Position Title: FireEye / Gigamon Cybersecurity Engineer
Client: DCMA Enterprise Network Support Services (ENSS)
Location: 22nd Century Technologies, McLean, VA
Clearance: Active DoD Secret Clearance Required
Certification Requirements:
• Security+ CE (IAT Level II minimum), CASP+, CISSP, CCNP Security, or equivalent preferred
Position Overview
The FireEye / Gigamon Cybersecurity Engineer provides engineering, administration, monitoring, and operational support for the Defense Contract Management Agency (DCMA) Enterprise Security Architecture. This position is responsible for deploying, managing, and optimizing FireEye/Trellix security platforms and Gigamon visibility solutions to enhance threat detection, network observability, incident response, and cybersecurity operations across DCMA enterprise environments.
The engineer works closely with Network Operations Center (NOC), Cybersecurity Operations, RMF, ACAS, SIEM, Firewall, and Network Engineering teams to ensure continuous monitoring, threat visibility, and protection of enterprise networks supporting CONUS and OCONUS users.
FireEye Helix was designed to unify network, endpoint, and third-party security visibility while integrating threat intelligence and automated security operations capabilities.
Gigamon provides deep observability and network-derived intelligence by delivering optimized traffic to security and monitoring tools, eliminating network blind spots and improving threat detection.
Primary Responsibilities
FireEye/Trellix Operations
• Administer and maintain FireEye/Trellix security platforms, including:
o FireEye Network Security (NX)
o FireEye Email Security (EX)
o FireEye Endpoint Security (HX)
o FireEye Helix SIEM/XDR
o FireEye Central Management System (CMS)
• Monitor and analyze security events, malware detections, indicators of compromise (IOCs), and advanced persistent threats (APTs).
• Develop correlation rules, threat-hunting use cases, dashboards, and automated response workflows.
• Integrate FireEye solutions with:
o LogRhythm SIEM
o ACAS
o Check Point Firewalls
o Cisco Security Platforms
o Active Directory
o Threat Intelligence feeds
• Conduct incident response activities and forensic investigations utilizing FireEye and Mandiant intelligence resources.
• Support Cybersecurity Service Provider (CSSP) operations and enterprise security monitoring.
Gigamon Visibility Fabric Operations
• Engineer and administer Gigamon visibility solutions, including:
o GigaVUE Appliances
o GigaSMART
o GigaVUE Fabric Manager
o Deep Observability Pipeline
• Configure TAPs, packet brokers, traffic aggregation, filtering, deduplication, and SSL/TLS decryption services.
• Design and maintain traffic distribution policies supporting:
o FireEye/Trellix
o LogRhythm
o ACAS
o IDS/IPS
o Network Performance Monitoring tools
• Optimize east-west and north-south traffic visibility across:
o Data Centers
o Cloud Environments
o Virtualized Infrastructure
o Hybrid Networks
• Perform packet analysis and troubleshooting using:
o Wireshark
o tcpdump
o Gigamon Analytics
Gigamon solutions provide traffic intelligence, packet optimization, metadata generation, filtering, and visibility across hybrid cloud and enterprise environments.
Cybersecurity Engineering
• Develop and implement security architecture improvements.
• Support RMF security controls and continuous monitoring activities.
• Conduct vulnerability assessments and remediation validation.
• Support STIG compliance initiatives.
• Participate in Change Management and Configuration Control Boards (CCB).
• Create engineering documentation, SOPs, implementation guides, and technical reports.
• Provide Tier III escalation support for cybersecurity incidents.
Monitoring and Reporting
• Provide 24x7x365 operational support as required.
• Generate daily, weekly, and monthly cybersecurity status reports.
• Brief government leadership on:
o Security incidents
o Threat trends
o Visibility gaps
o Risk mitigation actions
o Compliance posture
Required Qualifications
• Active DoD Secret Clearance.
• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).
• Minimum 5 years of cybersecurity engineering experience.
• Minimum 3 years supporting enterprise security monitoring platforms.
• Experience with:
o FireEye/Trellix products
o Gigamon Visibility Fabric
o LogRhythm SIEM
o Cisco enterprise networking
o Palo Alto or Check Point firewalls
o Windows Server and Active Directory
o Packet capture and analysis tools
Preferred Qualifications
• FireEye/Trellix Certifications
• Gigamon Certified Professional (GCP)
• CISSP
• CASP+
• CCNP Security
• GCIA
• GCIH
• CEH
Desired Knowledge and Skills
• Advanced Persistent Threat (APT) detection
• Threat Hunting
• Network Traffic Analysis
• Incident Response
• Malware Analysis
• Security Automation
• SIEM Engineering
• IDS/IPS Technologies
• Packet Broker Technologies
• Network Forensics
• Cloud Security Monitoring
• Zero Trust Architecture
• RMF and NIST 800-53 Controls
Tools and Technologies
• FireEye Helix / Trellix XDR
• FireEye HX, NX, EX
• Gigamon GigaVUE
• GigaSMART
• GigaVUE-FM
• LogRhythm SIEM
• ACAS
• SolarWinds
• Wireshark
• Check Point Firewalls
• Cisco Routers and Switches
• VMware
• Active Directory
• Splunk (desired)
Work Environment
Supports the DCMA Enterprise Network Support Services (ENSS) program protecting over 200,000 users and millions of enterprise devices across global DoD networks. Position requires collaboration with Cybersecurity, NOC, Network Engineering, Firewall, Collaboration, and RMF teams in a mission-critical environment.
Travel: Up to 10% CONUS/OCONUS as required.
Shift Support: May include after-hours maintenance windows and on-call rotation.