Senior Network Security Engineer

Ignite IT

About the Company

Job Description

Required Skills

Key Responsibilities

• Design, configure, administer, maintain, and troubleshoot enterprise firewall solutions (Cisco and Palo Alto platforms), including policy rule bases, NAT, segmentation, threat prevention, logging, and high availability.
• Install, configure, maintain, and upgrade firewall hardware and software in new and existing network infrastructure, including cloud-connected environments.
• Administer firewall policies and services in accordance with Census IT security policy, secure configuration standards, and change control processes.
• Perform recurring firewall rule base reviews, rule recertification, policy cleanup, and decommissioning of obsolete rules.
• Identify, diagnose, and resolve firewall issues involving connectivity, rule behavior, utilization, performance, routing, VPNs, DNS, TLS/certificates, application flows, and log/packet analysis.
• Install, configure, maintain, monitor, and troubleshoot VPN services, including remote access VPN, site-to-site VPN, client/clientless access, partner connectivity, mobile device access, and cloud connectivity.
• Support RSA SecurID or equivalent MFA/two-factor authentication and directory service integrations for VPN and remote access services.
• Maintain, operate, administer, patch, upgrade, and troubleshoot RSA SecurID or equivalent MFA/two-factor authentication infrastructure.
• Support RSA/MFA token lifecycle operations, including provisioning, assignment, activation, replacement, resynchronization, deactivation, inventory tracking, and end-user support.
• Monitor and report on VPN availability, utilization, and performance, and resolve connectivity issues.
• Administer or support Cloudflare and related edge security capabilities, including DNS, DDoS protection, WAF policies, CDN, Access/Gateway, Zero Trust/ZTNA, tunneling, access controls, and logging.
• Design, implement, maintain, and troubleshoot content filtering services, including web security gateways, email security gateways, URL filtering, and DLP integrations.
• Support network access control services, including NAC policy administration, endpoint posture or 802.1X controls, and identity-aware access policies.
• Implement and manage network security controls across AWS, Azure, and hybrid environments.
• Provide technical guidance on Zero Trust principles, network segmentation, microsegmentation, and least-privilege access.
• Ensure core network security capabilities are integrated into enterprise monitoring, alerting, logging, and SIEM platforms.
• Review logs, alerts, vulnerability notices, and vendor advisories to recommend and implement improvements.
• Support Operations Center, SOC/NOC, and incident response teams during maintenance, outages, investigations, and incident resolution.
• Provide Tier II-IV troubleshooting support for complex network security incidents and service-impacting issues.
• Participate in after-hours upgrades, maintenance windows, emergency troubleshooting, and on-call availability as needed.
• Support IT Security, ISSO, System Owner, and OIS activities by addressing findings and POA&Ms.
• Create and maintain comprehensive documentation for firewall, VPN, RSA/MFA token services, content filtering, NAC, and edge security services.
• Follow and document configuration management, change management, and release management policies.
• Use automation and Infrastructure as Code (IaC) where practical for repeatable provisioning, configuration, and deployment.
• Provide status input, technical briefings, metrics, root-cause analysis, knowledge transfer, and mentoring to government staff and other contractor personnel.

Qualifications

• 7+ years of experience in network security engineering, network infrastructure, cybersecurity infrastructure, or a closely related role.
• 5+ years of hands-on experience designing, implementing, administering, and troubleshooting enterprise firewall platforms in production environments.
• Hands-on experience with Cisco firewall technologies (e.g., Cisco FTD/FMC, ASA, AnyConnect/Secure Client).
• Hands-on experience with Palo Alto Networks technologies (e.g., NGFW, Panorama, GlobalProtect, App-ID/User-ID).
• Experience with firewall policy design, NAT, segmentation, remote access VPN, site-to-site VPN, IDS/IPS integrations, high availability, logging, and operational troubleshooting.
• Working knowledge of Cloudflare or equivalent DNS, DDoS, WAF, CDN, Zero Trust, or edge security platforms.
• Experience with VPN services, secure remote access, RSA SecurID or equivalent MFA/two-factor authentication services, hardware and software token support, directory integration, partner tunnels, cloud tunnels, and cloud connectivity troubleshooting.
• Experience supporting MFA server operations, including software updates, patching, certificate/configuration changes, backups, log review, monitoring, and vulnerability remediation.
• Working knowledge of TCP/IP, DNS, DHCP, IPAM, BGP, routing, subnetting, TLS/certificates, VPN protocols, packet capture, NetFlow/traffic analysis, and common network diagnostic tools.
• Experience supporting network security in AWS and/or Azure environments.
• Experience integrating network security controls with enterprise monitoring, logging, SIEM, SOC/NOC, or incident response workflows.
• Experience working within formal change management, configuration management, release management, incident management, and vulnerability remediation processes.
• Ability to develop clear technical documentation, diagrams, SOPs, runbooks, implementation plans, rollback plans, status updates, and audit evidence.
• Strong communication and collaboration skills.
• Ability to obtain and maintain a Public Trust / Background Investigation and complete required DOC/Census security processing.

Benefits & Perks

• 401(k)
• 401(k) matching
• Dental insurance
• Flexible schedule
• Flexible spending account
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Professional development assistance
• Referral program
• Retirement plan
• Tuition reimbursement
• Vision insurance

How to Apply

To apply for this role, click the Apply button on this page and follow the instructions.

Join Our Communities

Posted Date

June 6, 2026