Network Security Engineer with Security Clearance

---

Job description

Candidate MUST possess a TS/SCI clearance with Intel Polygraph Mandatory Requirements:
• Bachelor's degree in computer science, Engineering, Information Technology, or equivalent experience
• 15 years of demonstrated experience as a System Engineer/Data Security focusing on Zero Trust technology
• Experience building and deploying infrastructure using Automation tools such as Linux scripting, Python and PowerShell
• Expertise in defining and enforcing data retention policies aligned with government regulations, ensuring data availability and compliance with Zero Trust security measures
• Knowledge of strong authentication methods such as multi-factor authentication (MFA), biometric authentication, and smart card authentication for robust identity verification
• Extensive experience in implementing encryption solutions for data at rest, in transit and in use, leveraging cryptographic algorithms and key management aligned with Zero Trust principles
• Proficiency in data security technologies, including encryption tools, access control mechanisms, and other data-centric security tools
• Understanding of encryption in transit, function and design
• Ability to create and manage TLS certificates both through Windows certificate services and the creation and management of self-signed certificates
• Deep-level understanding of Windows Active Directory, as well as the ability to configure/edit Windows Active Directory and Domain Services
• Ability to effectively use and manage Splunk to find vulnerabilities, security incidents, and understand how security rules are written across infrastructure
• Expertise implementing system logging to include network device, Windows, and Linux logging
• Effectively manage and operate Privilege Access Management (PAM) software
• Ability to manage and use secrets management tools such as Ansible secrets vault, Hashicorp Vault or equivalent
• Adept at configuring Linux servers for both local user authentication with varying levels of root privileges and also joining Linux servers to a domain and configuring the correct least privilege permissions needed for the environment
• Ability to manage and design a multi-factor authentication (MFA) environment for both domain joined and stand-alone machines using Yubikey, RSA tokens, or equivalent
• Expertise managing network segmentation and redirection utilizing iptables, nftables, Illumio, or equivalent solutions
• Understanding of the difficulties involved in performing all tasks on-premises in a highly secure isolated network environment, prioritizing least privilege, network isolation, and following Zero Trust principles
• Analyze customer requirements and provides solutions to a variety of technical problems of varying degrees of complexity
• Familiarity of Enterprise Vulnerability Scanning tools, including the ability to interpret and remediate findings
• Good communication and presentation skill to convey complex technical concepts to both technical and non-technical customers Desired Requirements:
• Systems administration and IT certification in Linux, Microsoft, or other network related fields
• Experience using VMWare and other virtualization technologies MUST be a US Citizen with a U.S. Government clearance - Intel with Polygraph NOTE: Must have an active TS-SCI with poly. No sponsorships or upgrades are available. Submissions without this requirement will not be considered. H1-B holders will not be considered. Benefits:
Up to 5 week paid vacation 10 gov't holidays
Up to 15% contribution to 401k
LTD, STD disability and life insurance
Paid health, dental, and vision for employee and family.
$5000 annual training expense reimbursement
Computer purchase plan

<!– job description page –>