Firewall EngineerHybrid: Alexandria, Virginia – 3 days on site, 2 days remote Long term Contract All Candidates Need Secret, Top Secret, Or TS/SCI Clearance And Security+ Or Other 8570 Compliant Certification Description: We are currently seeking a Firewall Engineer in the DC metro area to support our Digital Modernization organization. This person will be joining the DISA GSM-O program supporting the Joint Service Provider (JSP). The Firewall Engineer is responsible for supporting the Firewall and Load Balancer Assurance Program (FAP) to ensure firewall and load balancer security compliance by performing automated and manual assessments to deter and prevent exposure to cyber-attacks.
PRIMARY RESPONSIBILITIES:Support the FAP by utilizing applicable DOD STIGs, NIST, DISA applicable orders, and NSA policy, guidelines, and regulations.Identify misconfigurations, conflicting rules, security gaps, firewall and load balancer security issues, optimize rule-sets, and enhance the overall security posture and performance of firewalls and load balancers.Oversee and conduct a minimum of two (2) firewall and a minimum of two load balancer assessments every month on JSP and customer devices and generate assessment reports.Develop After Action Reports (AARs).Provide recommendations for firewall changes to include JRSS firewalls. BASIC QUALIFICATIONS:BS degree and 8+ years of directly relevant experience (or equivalent combination of education and/or experience - additional years of experience may be considered in lieu of degree).Must have a minimum DoD Secret security clearance as well as the ability to obtain TS/SCI.3+ years of firewall experience within the DOD environment.Must have a certification that satisfies DoD-8570 IAT Level 2 requirements upon start.Must have a Juniper, Cisco, Palo Alto certification upon start.Demonstrated knowledge of implementation of perimeter and internal firewalls (both physical and virtual contexts).Demonstrated advanced experience in managing standard baseline configuration across numerous firewalls.Demonstrated advanced experience in evaluating rules to ensure maximum security while minimizing redundancy in rules. Top Skills Details:Cisco ASAStandard baseline configurationLoad balance (F5 BIG-IP, Citrix ADC, NGINX, HAProxy)DOD STIGs, NIST
#J-18808-Ljbffr