MSM Technology logo

Lead Network Engineer

MSM Technology
Full-time
On-site
Tinker AFB, Oklahoma, United States
$110,000 - $125,000 USD yearly
  • Lead network architectural design, engineering, implementation, sustainment, migration, technical refresh, and lifecycle services for the Datacenter and Cloud enterprise network infrastructure
  • Provide network architectural design, modeling, engineering, implementation, sustainment, migration, technical refresh, and lifecycle services for the DISA Datacenter and Cloud enterprise network infrastructure. Network services and products supported shall include, but are not limited to, routers, switches, firewalls, web application firewalls, DNS, email gateways, proxy services, VPN, Local Area Network (LAN), Wide Area Network (WAN) and protocols, cryptographic devices, associated device software and firmware, diagnostic tools, and automation systems. The contractor shall also support a number of Intrusion and Detection Systems (IDS) and other network defense architectures in support of cyber defense operations and initiatives.
  • Design solution documentation that outlines guidance on licensing, physical architecture, logical configuration, eligibility, checklist application inventory, security policy protection phases, and basic administration to include system configuration baseline and security policy configuration baseline
  • Provide/support implementation solution documents and WAF subject matter expertise for the configuration and maintenance of DISA hosted Application Delivery Controllers to include software modules such as F5 BIG-IP Local Traffic Manager (LTM), Global Traffic Manager (GTM), Access Policy Manager (APM), and Application Security Manager (ASM) modules.
  • Develop required plans, whitepapers, briefings, and other required documents to support all engineering and implementation efforts with established policy and processes
  • Manage all software and firmware on network hardware and OEs are maintained and up to date on vendor supportable code versions
  • Ensure team issues Common Vulnerabilities and Exposures (CVE) for specific device and code version in accordance with government requested timelines
  • Continuously monitor the Government owned project management system for project support requests, project priority, triage to ensure urgency/impact are clearly defined, project assignments, project tasks/activities, project timelines and suspense, project reporting, and project briefings
  • Responsible for the planning, scheduling, execution, and closeout of Authorized Services Interruptions (ASI) in support of infrastructure network changes
  • Oversee the development of ASI migration guide detailing configuration steps, migration details, and fail-back plan
  • Attend and brief the weekly Communications ASI Review Board (CRB) for ASIs under their purview. Briefing shall consist of ASI site, risk level, network devices involved, applications impacted, and anticipated impact. The contractor shall also be available to consult on any questions or concerns raised by DISA Ecosystem Command and Control (C2).
  • Shall lead recommendations in operational processes to ensure successful migration and maintenance of applications behind Web Application Firewall (WAF)
  • Administer the development of automated workflows to be configured properly to provide infrastructure capacity and performance management for forecasting and planning future requirements
  • Proficiently communicate and brief ideas and information to people of a non-technical background include senior leadership


Requirements
  • Must have an active SECRET or higher security clearance
  • Must have 8+ years of implementation and sustainment of complex Datacenter and Enterprise Network infrastructure in a multi-vendor environment experience
  • Must have DoD 8570.01-M/8140.01 IAT Level II Certification (can be one of the following: Security+ or CySA+)
  • Must have Relevant Computing Environment (CE) certification based on the equipment and software relevant to primary duties
  • Must have IT Bachelor’s Degree or Vendor Network Certification (Professional or higher)
  • CCNP, CISCO, F5, Juniper (JNCIS, JNCIP) certification preferred
  • Strong and extensive knowledge of datacenter-based network methods, protocols and technologies such as:
  • (1) Routing [BGP/OSPF/MP-BGP/ MPLS/VPN/Multicast/ PBR]
  • (2) Switching [RSTP, VLAN, VXLAN, LLDP, VPC, LACP, LAG]
  • (3) TCP/IP [IPv4, IPv6, UDP, Layer 1 through Layer 7, IPSEC, HAIPE
  • (4) Firewalls [VPN, ACLs, Whitelisting]
  • (5) SDN/ NFV/ IAC [ACI, Service Insertion, Ansible]
  • (6) Load balancing [F5, APM, ASM, LTM, GTM]
  • (7) IDentity and Access Management with RBAC [AAA/RADIUS/TACACS/ LDAP]
  • (8) Network management and analysis (Performance Manager (PM), Juniper Space, Cisco ISE, Splunk]
  • (9) Structured cabling and installation standards
  • (10) Application of net- work security and design practices
  • (11) Cloud management [AWS/AZURE]
Salary Description
$110,000 - $125,000
Apply now
Share this job
Twitter Facebook Linkedin Email