Network Architect (Security)

System One Holdings, LLC
Fort Washington, MD
Sep 20, 2022
Sep 25, 2022
Full Time
REMOTE Network Architect US Citizenship is required $170,000/year- $200,000/year ALTA IT Services is seeking a motivated, career and customer-oriented Network Architect Level CCIE in South Burlington, VT, Camp Springs, MD, or in a location to be determined upon offer acceptance.Responsibilities include, but are not limited to: Use Agile engineering approach to DevSecOps and solutioning with Access Identity and Directory Services to architect, engineer, and implement network security control methods in cloud, on-premise and virtual environments to support DHS directive 4300A, NIST 800-53, and industry best practicesExtend into secure cloud solutions and next generation firewall and intrusion protection devices to scale against all IoT connected devices. Continually improve DDI and network access control reporting.Knowledge and understanding to keep the network up to date (and ready to scale for the future) through compliance with all federal requirements such as DHS 4300A, NIST 800-53, and other industry best practices. Perform as Level 3 network architecture and engineering escalation point for network security to effectively support security processes and procedures.Enhance the security posture to scale upward without impeding performance.Audit firmware versions and configuration settings for the USCIS cloud and infrastructure platforms/devices to eliminate vulnerabilities and ensure USCIS deploys and operates in accordance with vendor recommendations, industry best-practices, DoD STIGs, and DHS configuration guidance.Evaluate current and future network designs to ensure that network security is incorporated as an integral consideration in these designs.Configure and implement Next Generation Firewall systems and Next Generation Intrusion Protection Systems.Review existing configuration settings to identify potential security vulnerabilities and propose/implement setting or architectural changes to address these vulnerabilities.Perform securing, hardening, and rule creation for new firewalls, switches, routers, and other network equipment. This includes reviewing and re-evaluating existing configuration settings and rules to verify USCIS' security posture and eliminate unnecessary risk.Architect and engineering a Network Access Control (NAC) solution.Develop new efficient and effective processes to streamline the ports and protocols form request form. Basic Qualifications:A minimum of ten (10) years of experience as an Enterprise Architect Specializing in Active Directory services.Certifications: CCIE or CCNP SecurityA minimum of four (4) years of experience in cloud technologies such as but not limited to Azure and AWS.Extensive experience designing mission critical infrastructure in enterprise environments. Experience designing and implementing enterprise solutions that increase the availability and security of the enterprise.Extensive experience with on premise physical infrastructure and Virtualization technologies including Hyper-V, VMWare, SAN, FCoe, NFS, SMB3 etc Deep experience with networking and security methods and tools.Strong troubleshooting and analytical skills required. Must have strong critical thinking, complex problem solving, appropriate judgment, and decision-making skills Experience with major cloud providers preferred. Possess superior technical aptitude and effective written and verbal communications skills. Proven experience with managing and using Dev Ops concepts. Capable of supporting tools such as, or similar to: NetCollectorSteel Central ARXSteel Central ControllerAlgoSecAmazonCisco ACI/SDN PlatformCisco Cloud CenterCisco FirepowerCisco Identity Services EngineCisco MerakiCisco PrimeCisco Security Manager (CSM)ForeScoutCisco Routing platformsCisco Security ManagerCisco Switching platformGoogleInfobloxIWANMeraki Cloud Portal and devicesMS AzureNetProfilerQOS Quality of ServiceRiverbed SD-WANRiverbed Steelhead family suiteSolarwindsStealthwatchSteel Central Mobile ControllerVipTellaVMWare NSX Preferred Qualifications: Familiar with tools including: ServiceNow, GitHub, Jira, ConfluenceExperience with ITIL, DevSecOps and Agile conceptsExperience supporting Government contracts Security Clearance Requirements: US Citizen with the ability to obtain Public Trust and complete DHS Security ClearanceAbility to obtain DHS EOD suitabilityCurrent DHS EOD highly preferred Physical Requirements: Office work, typically sedentary with some movement around the office.

Similar jobs