Network Security Engineer
IT Coalition
full-time
Posted on:
Location Type: Remote
Location: Virginia • United States
Visit company websiteExplore more
About the role
- Engineer, implement, and maintain network security controls across cloud, on-premises, and virtual environments in support of USCIS’s Zero Trust framework.
- Support the development, enhancement, and operation of secure ingress and egress points in accordance with TIC 3.0 and subsequent requirements.
- Design, configure, and deploy network security technologies including next-generation firewalls, intrusion prevention systems (IPS), and proxy/reverse proxy services.
- Implement and support Secure Access Service Edge (SASE) and Zero Trust network access solutions to enable a large remote workforce, including teleworkers and geographically distributed teams.
- Audit firmware versions and configuration settings across SD-WAN, SDN, WAN, LAN, and cloud networking platforms to identify and remediate vulnerabilities.
- Review existing network and security configurations to identify gaps, risks, and compliance issues; recommend and implement corrective actions.
- Engineer and support Network Access Control (NAC) solutions to enforce device and user-based access policies.
- Orchestrate, automate, and enforce configuration standards and security policies using approved tools and processes.
- Support SaaS and IaaS service adoption by implementing secure network architectures and controls.
- Conduct threat, risk, and cost analyses for proposed network security changes, including new TIC boundary implementations.
- Collaborate with architects, operations teams, vendors, and stakeholders to ensure secure, scalable, and compliant network operations.
- Support compliance with DHS Directive 4300A, NIST SP 800-53, DoD STIGs, and DHS configuration guidance.
Requirements
- 7–10+ years of experience in network and cloud security engineering.
- Bachelor’s degree in Computer Science, Information Systems, Engineering, or related field strongly preferred; Advanced degree, preferred.
- Demonstrated experience engineering and supporting enterprise network security solutions in hybrid cloud and on-premises environments.
- Hands-on experience with Zero Trust architectures and secure remote access solutions.
- Strong knowledge of next-generation firewalls, intrusion prevention systems, and network security policy enforcement.
- Hands-on experience with Cisco and Palo Alto network and security platforms.
- Experience with Secure Access Service Edge (SASE) implementations.
- Familiarity with Network Access Control (NAC) solutions.
- Experience implementing and supporting TIC 3.0-aligned network security services, including proxy and reverse proxy solutions.
- Working knowledge of SD-WAN, SDN, WAN, LAN, and cloud networking platforms.
- Experience auditing network devices and configurations to identify vulnerabilities and ensure compliance with security standards.
- Familiarity with DHS Directive 4300A, NIST SP 800-53, and industry best practices.
- Strong troubleshooting skills and ability to implement remediation in complex, multi-environment infrastructures.
- Ability to collaborate effectively with cross-functional teams and external vendors.
- Must be eligible to obtain DHS Suitability clearance.
Benefits
- 📊 Check your resume score for this job Improve your chances of getting an interview by checking your resume score before you apply. Check Resume Score
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
network security engineeringcloud security engineeringZero Trust architecturenext-generation firewallsintrusion prevention systemsSecure Access Service Edge (SASE)Network Access Control (NAC)SD-WANSDNTIC 3.0
Soft Skills
troubleshootingcollaborationcommunication