Network Engineer
GES is seeking a Network Engineer to join our Defense Enclave Services (DES) team at Ft. Meade, MD.
PROGRAM SUMMARY:
The DES program is a highly demanding mission and requires expert technical and professional management to support DISA's enterprise Information Technology (IT) services. You will be supporting a large and complex IT discovery, design, and migration effort towards a Single Service Provider model for the Department of Defense. This role will include discovery, analysis, and design activities required to migrate common IT services from multiple large-scale DoD agencies into DoDNet.
CLEARANCE REQUIREMENT:
• Must possess an active SECRET clearance or higher. (US Citizenship required)
PRIMARY RESPONSIBILITIES:
· Plan and design secure network solutions to consolidate or migrate connectivity services under an enterprise service.
· Partner with key stakeholders and technical experts to perform legacy environment discovery, assessing current capabilities, configurations, and unique requirements to develop a design and architecture leveraging approved design patterns.
· Design secure wide area connectivity inclusive of underlay, overlay, and COI transport design that supports performance, quality of service, security, and mission requirements.
· Provide secure access solutions leveraging wired and wireless technologies, integrating standards, use cases/scenarios, and develop associated implementation and transition plans.
· Integrate capacity planning and scaling of network and security stack environments into the overall design of solutions.
· Collect, investigate, and identify network optimization strategies and techniques to meet capacity and performance standards.
· Identify legacy service paths (i.e. dataflow, firewall rulesets, and ACLs) and develop strategies and designs for the to-be enterprise service capability to meet requirements while balancing security, sustainability, and maintainability.
· Support development of IP addressing schemes across IPv4 and IPv6 networks.
· Work with information assurance teams to ensure compliance to DoD standards to assist with providing accreditation artifacts.
REQUIRED QUALIFICATIONS
· Minimum of a Bachelor’s degree with 8+ years' experience or Master's degree with 6+ years of experience (additional years of directly applicable experience may be accepted in lieu of a degree).
· Require active DoD IAT Level II (i.e. Security+) certification or equivalent prior to start.
· Experience documenting logical or physical designs using drawing tools (e.g. Visio, Powerpoint, Gliffy, Cameo, MagicDraw) to depict systems, subsystems, interfaces, components, and communications of I/T applications and infrastructure
· Experienced and comfortable with conducting technical troubleshooting to resolve issues.
· Experience conducting site surveys or analyzing data obtained from site surveys.
· Experience creating or executing a migration plan to move circuits, network traffic, services, applications, or data between environments or to a commercial cloud provider. Alternatively, experience planning or executing a technology refresh or lifecycle refresh of an existing I/T system.
· Heavily experienced in upgrading and LCR of network devices.
· Must have broad exposure to common I/T infrastructure networking in the areas of LAN, WAN, TCP/UDP, IPSec, VPN, Proxies, Routing(L2/L3), and Firewalls.
· Must have experience in working with two or more of the following vender network technologies: Cisco, Juniper, F5, Aruba, Palo Alto, Dell, Brocade, and Fortinet.
· Demonstrate experience in designing and implementing medium to large network infrastructure and producing corresponding technical documentation.
· Must be able to work as part of a team to troubleshoot and resolve complex network issues.
· Excellent written and verbal communication skills. This shall include drafting SOPs and technical documentation.
· Must be able to present designs and plans to technical leadership personnel and boards for approvals.
DESIRED QUALIFICATIONS
· Certified Cisco Network Professional (CCNP) or equivalent.
· Demonstrate experience in one or more of the following enterprise network management tools such as PaloAlto Panorama, SolarWinds, Cisco Prime, Cisco DNA, What’s Up Gold, or Junos Space.
· Experience in designing and implementing VTC solutions.
· Experience with ScienceLogic SL1 and/or SolarWinds.
· Hands on experience with SD-WAN.
· Demonstrate expertise in design and improvement of complex and geographically enterprise networks.
· Expert knowledge of DoD security requirements for network infrastructure.
· Demonstrate experience in system hardening of network infrastructure to include DoD STIG implementation.
WORK LOCATION: Hybrid remote in Fort George G Meade, MD 20755