Provides engineering and management of strategic network boundary protection security devices utilizing defense in depth across all network tiers. Provides technical support regarding the design, configuration, implementation, operational management, and troubleshooting of boundary protection devices including Bluecoat Web Proxy filters, IPS/IDS, Syslog, and Cisco switches and routers. Implements network policies and exemptions in accordance with published standards and regulations. Around 600 tickets per month are processed relating to firewall and proxy exempt events. Typically, there is a 24-hour turnaround for any ticket submitted. A faster response may be required depending on the severity of the situation.
*Shall provide 24/7 engineering network defense engineering support involving the design, configuration, implementation, and operational management of network defense systems and management of network boundary security devices. This shall include: Troubleshoot network defense devices such as proxy filters, traffic accelerators, firewalls, VPNs and IPS/IDS.
*Shall configure and manage Access Control Servers (ACS) and Radius servers, Terminal Access Controller Access Control System+ (TACACS+), 802.1x, AAA, SSH, crypto maps, ACLs and other network security protocols.
*Shall create network accounts, manage account permissions, update 802.1x with current information systems, complete tickets related to firewall and proxy exemptions, and troubleshoot network security-related issues.
*Shall configure, administer, and troubleshoot firewalls and BlueCoat ProxySG appliances and implement at network hardware technology, with emphasis on Cisco PIX, Cisco ASA, Cisco Routers, Juniper Netscreen, and Bluecoat ProxySG.
*The Contractor shall be able to transition to application based firewalls.
*The Contractor shall assist with the development and documentation of recommendations for theater network operational policies, procedures, technical standards and guidelines.
*The contractor shall maintain compliance of network device software versions and configuration in accordance with DISA STIG policy; devices shall be compliant within 30 days of policy updates.
*The contractor shall implement approved network policies within two (2) hours of receipt.
*The contractor shall begin troubleshooting security device problems within one (1) hour; resolve problems within six (6) hours.
*Must possess an active DoD Secret Clearance
*Contractor shall possess at least 3 years of experience with Enterprise level routing
*Contractor shall possess at least 1 year of experience with Service Provider level routing
*Candidate shall meet IAT level III compliance per DOD 857
DataPath is an Equal Opportunity Employer. We comply with the laws set forth in the Equal Employment Opportunity in The Law poster.
DataPath is committed to Equal Employment Opportunity and providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment and need special assistance or an accommodation to use our website to apply for a position, please contact us at HRTA@Datapath.com We evaluate requests for reasonable accommodation on a case-by-case basis.