Cisco Firewall & Network Security Engineer

Please take this opportunity to join one of GDIT’s fastest long-standing growing programs! US Battlefield Information Collection and Exploitation System eXtended (US BICES-X) is a cutting edge program supporting DoD intelligence information sharing on current and emerging global threats to mission and coalition partners and emerging nations. With an internationally dispersed team supporting each combatant command, the US BICES-X Team is in direct support of the war fighter and their missions.

We are seeking a creative and driven professional with a passion for solving real-world issues on a cross-functional, fast-paced team. You will be part of a dynamic team that is delivering a business driven Enterprise Network to support BICES Global Enterprise Mission Support Services increasing performance, security, scalability, and stability while reducing costs and complexity resulting in increased supportability.

Responsibilities:
• Performs Defensive Cyber Operations (DCO) activities (formally known as Cyber Network Defense) for a large Program; coordinates with government Program staff, USAF, and other government agencies to assist in the creation, dissemination, direction, and auditing of program policy, standards, and operating procedures.
• This position will be working within our Defensive Cyber Operations-Infrastructure environment. The primary duties of this role include Implementation and Administration of Security Ops, utilizing Cisco ASA Firewalls, Cisco Firepower/Secure Firewall Next-Gen Firewalls & Next-Gen IPS, Gigamon Traffic Visibility devices, and Cisco ISE.
• As a member of the DCO Firewall Team, supports the program with routine and often high-level troubleshooting for the enterprise network and all the systems, programs, and traffic that traverse the network. The enterprise network consists primarily of Cisco network infrastructure utilizing such technologies such as 802.1x/MAB Network Access (NAC), TACACS+, EIGRP/OSPF/BGP Routing, BFD, Site-to-Site VPNs, as well as various other Campus, WAN and Data Center network technologies.
• Conduct network and system audits for vulnerabilities using Security Technical Implementation Guides (STIGs), Security Requirements Guides (SRGs), ACAS vulnerability scans, and DISA SCAP. Modify device configurations and practices to comply with all directives and mitigate findings for associated network operating systems.
• Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network to protect information, information systems, and networks from threats.
• Utilize available resources to conduct Cybersecurity activities, and report to senior GDIT and government personnel on overall program security posture.
• Provides guidance and work leadership to less-experienced technical staff members.
• Maintains current knowledge of relevant technology as assigned.
• Participates in special projects as required.

Qualifications:
Required Qualifications:
• 10+ years of experience required.
• Must possess and maintain a TS/SCI clearance.
• BA/BS degree required or equivalent work experience.
• Must meet DOD 8570.01M requirements for IAT Level II & CSSP-Infrastructure Support.
• Requires CCNA or better for Firewall Administration.

Preferred Qualifications:
• Proficiency with Next-Gen Firewalls/Next-Gen IPS (Cisco Firepower/Secure Firewall).
• Experience with Snort Signatures & IPS technology.
• Experience with Gigamon Traffic Visibility devices and technology.
• Experience/Familiarity with Splunk or similar Security Incident and Event Management (SIEM) solutions.
• Experience/Familiarity with Linux operating system is a plus.
• Experience/Familiarity with Cisco Identity Services Engine (ISE).
• The ability to work and set priorities on multiple projects/tasks at once and operate in a dynamic, fast-paced team-oriented environment.
• The work is typically performed in an office environment, which requires normal safety precautions; work may require some physical effort in the handling of light materials, boxes, or equipment.