COPPER RIVER ENTERPRISE SERVICES

Returning Candidate?

Sr Network Security Engineer

Sr Network Security Engineer

Job Location 
VA-Arlington
# of Openings 
4
Security Clearance 
Active Secret; Active Top Secret Preferred
Percentage of Travel Required 
10% or less
Type 
Regular Full-Time

More information about this job

Overview

Optimize secure network system configurations for high-availability, high security, and redundancy to support FSI Learn applications and FSI training system applications.

Responsibilities

  • Responsible for blocking anomalous traffic while maintaining ACL and NAT configurations
  • Responsible for reviewing ASM security logs, remediate false positive alerts, and investigating malicious traffic
  • Configure and Maintain NetVCR Appliances for packet inspection of http and https web server connections to Learn.com Learncenter LMS software applications
  • Configure and Implement Cisco Next Generation Firewall systems and Cisco Next Generation Intrusion Protection Systems for protection of FSI DIN systems and FSI distance learning initiatives
  • Configure and Maintain F5 ASM (Application Security Manager) security software modules for packet inspection of http and https web server connections to Learn.com Learncenter LMS software
  • Review, assess, and implement backbone system security optimizations for Firewall Syslogs, Cisco IDS logs, NetVCR IDS logs, F5 Load balancer ASM logs, CSACS logs
  • Provide network backbone messaging engineering services for the FSI Primary network backbone systems (OpenNet), and FSI DINs backbone systems (DMZ, WiFi, DOM5, FSI NET, DOMS) environments
  • Provide wireless network backbone engineering and maintenance services for all FSI locations
  • Provide inter-site network backbone engineering and maintenance services for all FSI locations
  • Prepare firewall change report
  • Verify backup of firewall configuration, verify backup of IPS configuration, review monitoring server for disk space, and review monitoring server for successful backup, verify timestamp on firewall and IPS
  • Review CSACS failed authentication log and Review CSACS passed authentication log
  • Configure and maintain Cisco IPS and NetVCR IPS Systems with current signatures, correct inspection settings, current operating systems, reporting configuration settings, and connectivity settings
  • Prepare weekly security monitoring reports for FSI/EX/OMIS (Network Enterprise Architecture Team) Branch chief on weekly security events and anomalous events
  • Prepare ad-hoc network security event notifications as required related to emerging security events

Qualifications

  • Education:
    • Bachelor’s Degree in relevant field or additional years experience
  • Required Knowledge/Experience:
    • Must possess one of the following industry recognized certifications:
      • Cisco CCNP Security
      • CISSP
    • Must have a minimum of 7 years professional experience.
    • Ability to review full packet capture output for analysis using a NetVCR appliance (Model: NetVCR 4210 and 3840 Series, Version: 4.5)
    • Must possess detailed understanding of F5 (Model: BigIP 3600, Version: 11.6) Local Traffic Management (LTM) and Application Security Manager (ASM) principles
    • Ability to configure and maintain LTM objects and troubleshoot load balancing issues
    • Possesses a deep understanding of Cisco ASA Firewalls (Models: 5520 and 5525X, Version: 9.1)
    • Able to perform firewall software version upgrades and log review
    • Expert level understanding of packet inspection technologies, especially, tcp packet header inspection and intrusion protection, IP packet data inspection and intrusion protection, application level packet inspection and intrusion protection for sql injection, and cross-site scripting events
    • Engineering Experience securing technology-based and distance learning application curricula software
    • Familiarity with DMZ security infrastructures and defense in depth security engineering principles
    • Familiarity with assessing security posture, reviewing security events, and creating security monitoring reports for distance learning software packages in internet based Dedicated Independent Networks
    • Expertise with state-of-the-art security monitoring systems, preferably the Niksun NetVCR packet capturing and intrusion protection platforms, Cisco IPS appliances, Cisco ASA firewall systems, F5 Application Security Manager appliances, and the use of customized security logging systems in a web-based learning environment
    • Engineering experience implementing and maintaining Cisco enterprise wireless networks
    • Engineering experience implementing Cisco Next generation firewalls and Cisco Next generation intrusion protection systems
  • Preferred Knowledge/Experience:
    • Engineering knowledge of information networking systems, especially as they pertain to:
      • Distance training environments with LMS systems
      • Load balancing DMZ networked applications
      • Campus based networking environments which support classroom environments, application developers, web developers, database developers, and management staff
    • Cisco Next Gen IPS installation and configuration
    • Network security analysis for web-based learning environment
    • Deep packet inspection analysis and SSL decryption engineering experience for web-based applications
    • F5 ASM (Application Security Manager) analysis and configuration experience for web-based applications
  • Physical Requirements:
    • Must be able to lift 50 lbs, bend, and stretch, stand for extended periods of time

Other Responsibilities

  • Perform other tasks consistent with the goals and objectives of the department/contract
  • Perform other duties as assigned by the Lead Network Design Architect

Invest in a company that invests in you! Copper River provides its employees with ample opportunities for career growth and development. Tuition reimbursement is offered to help employees further their education and skillset. Other perks include Open Leave, 401k matching with immediate vesting, Medical, Vision, and Dental coverage.

 

EEO/AA Employer Minorities/Females/Vets/Disability

 

Disclaimer: The above statements are intended to describe the general nature and level of work performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.