Security engineer jobs in Centreville, VA

MANTECH is seeking a motivated, career and customer-oriented Network Engineer to join our team in Chantilly, VA. This is a position requiring onsite work at customer locations within the local area (up to 10% travel). Responsibilities include but are not limited to: Designing and integrating comprehensive network, VoIP, VTC, and data center solutions, adhering to security guidelines and customer specifications to ensure robust and secure communication infrastructures. Managing the end-to-end integration of black and red networks, overseeing design, installation, maintenance, and coordination of a growing network with multiple external services to support operational needs. Receives a moderate level of guidance and direction working with other network engineers to resolve problems. Helps in diagnosing and resolving complex issues related to customer sites, telecommunications circuits, routing, switching, VoIP, VTC, network encryption devices, and Cisco data center/security to maintain network stability and performance Diagnosing and resolving complex issues related to customer sites, telecommunications circuits, routing, switching, VoIP, VTC, network encryption devices, and Cisco data center/security to maintain network stability and performance. Developing and maintaining detailed documentation, diagrams, and standard operating procedures to facilitate knowledge sharing and efficient network management. Providing expert guidance, training, and support to network administrators, service desk personnel, and junior engineers to enhance team capabilities and operational effectiveness. Minimum Qualifications: Bachelor's degree in Computer Science, Network Engineering, or equivalent field, demonstrating a strong academic foundation in related disciplines. 1.5 years of experience is equivalent to 1 year of college. 3-4 years of experience in networking, including VoIP, VTC, data circuits, network encryption devices (e.g., General Dynamics TACLANE), and virtualization technologies. Proficiency in dynamic routing protocols such as OSPF and BGP, with a deep understanding of MPLS and DMVPN Hub and Spoke technology for efficient network routing. DoD 8140 IAT Level II certification: SecurityCE and Computing Environment (CE) certification in Cisco technology (CCNA Voice) required. Valid US Drivers License with the ability to travel up to 10% locally to customer sites. Preferred Qualifications: Cisco Collaboration, Data Center, or Security certifications, indicating advanced expertise and specialized knowledge in relevant Cisco technologies. Experience implementing or troubleshooting VMware NSX-T virtualized networking and security platform developed by VMware. It enables automated implementation of network policies, network objects, isolation, and micro-segmentation. Clearance Requirements: Must have an active DoD TS/SCI with the ability to obtain a CI polygraph. Physical Requirements: The person in this position must be able to remain in a stationary position 50% of the time. Occasionally move about inside the office to access file cabinets, office machinery, or to communicate with co-workers, management, and customers, via email, phone, and or virtual communication, which may involve delivering presentations

We are seeking multiple mid-level (5 years minimum) Cyber Defense Incident Responders that are available to work the midnight shift (11pm-7:30am) in a Security Operations Center. Clearance Requirements: Top Secret w/SCI Location: Washington, D.C. Job Description: Coordinate incident response functions. Coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents. Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation. Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security. Perform cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation. Perform cyber defense trend analysis and reporting. Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems. Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs). Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts. Track and document cyber defense incidents from initial detection through final resolution. Employ approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness). Collect intrusion artifacts (e.g., source code, malware, Trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise. Coordinate with intelligence analysts to correlate threat assessment data. Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise. Basic Qualifications- To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below: Bachelor's degree or higher 5+ years' experience in Malware analysis, digital forensics, data/network analysis, penetration testing, information assurance, leading incident handling Must have,one of the following certifications: CERT Certified Computer Security Incident Handler (CSIH), ECC Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), GIAC Information Security Fundamentals (GISF), or ISC2 Certified Information System Security Professional (CISSP). Strong written and verbal communication skills. Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored). Knowledge of system administration, network, and operating system hardening techniques. Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies. Demonstrated ability to interact effectively with senior management and leadership. Ability to design incident response for cloud service models. Knowledge of incident categories, incident responses, and timelines for responses. Knowledge of incident response and handling methodologies. Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications. Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list) Desired Skills Experience identifying, capturing, containing, and reporting malware. Skill in preserving evidence integrity according to standard operating procedures or national standards. Strong securing network communications experience. Recognizing and categorizing types of vulnerabilities and associated attacks. Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters). Experience performing damage assessments. Skill in using security event correlation tools and design incident response for cloud service models.

Role: Cybersecurity Engineer III Contract Job Responsibilities / Typical Day in the Role Implement design reviews to evaluate security controls Identify and communicate opportunities to enhance the security posture of Client Build and / or manage enterprise security platforms effectively Communicate effectively across all levels of management to articulate Client security goals and vision. Identify and communicate opportunities to enhance the security posture of Client Build and / or manage enterprise security platforms effectively (SAAS, on premise or in Cloud) Communicate effectively across all levels of management to articulate Client security goals and vision. Have a team player mentality; strive to contribute to team cohesion however can work independently if the need arises Plan, design, engineer and implement security-related technologies Understanding technical security issues, their implications within Client business units and able to effectively communicate them to management and other business leaders. Configure, troubleshoot, and maintain security infrastructure - including software and hardware in cloud environments, as well as on-premises. Conduct security audits and assessments to regularly determine the effectiveness of security platforms and identify areas of improvement. Host and operating systems hardening, auditing, monitoring and logging with appropriate security controls and best practices while meeting security best practices and business goals Research and explore emerging security technologies and determine their appropriate use within the company. Prepare, document, and create standard operating procedures and protocols. Crosstrain and mentor other team members as needed Must Have Skills / Requirements Implementing advanced cyber security technology in a complex environment 5+ years of experience; Hands-on experience in security engineering, hands-on experience in building, designing, and maintaining enterprise security tools. Scripting experience (using Python, Go, or other equivalent languages) 5+ years of experience. Hands-on Experience with automation technologies 3+ Years of experience; Terraform, Ansible, CloudFormation, etc. Linux Experience. 5+ years of experience; Ability to construct and maintain complex network infrastructures. Technology requirements: Engineer and administer security platforms including SIEM/SOAR systems, endpoint detection and response, vulnerability management, anomaly detection, and cloud analysis. Experience in managing the Brinqa vulnerability management platform and experience with Groovy programming language Must have 5+ years of scripting experience (using Python or other equivalent languages) Hands-on Experience in public cloud infrastructures like AWS (Amazon Web Services) Nice to Have Skills / Preferred Requirements Security and Cloud certifications are a plus. (CISSP, Splunk Admin, AWS Solution architect). Media/entertainment or distributed global network experience. Soft Skills Hands-on technical experience with networking and computing system architectures, specifically, the security aspects thereof. Thorough understanding of information security principles, techniques, principles, policy frameworks, and best practices Hands-on technical experience with compliance and regulatory frameworks and how they affect architecture designs and review

We are seeking a Cybersecurity Engineer with strong, hands-on experience implementing Data Loss Prevention (DLP) solutions, specifically using Azure Purview and Microsoft Intune. This role requires a technical practitioner who has directly deployed, configured, and operationalized security controls-not just monitored events. The engineer will design and implement secure architectures across cloud and hybrid environments, conduct threat modeling, integrate security into new platforms, and ensure alignment with industry best practices and regulatory frameworks such as NIST 800-53, FISMA, and FedRAMP. The ideal candidate must have 10+ years of experience that brings advanced knowledge of cloud security, IAM, encryption, authentication protocols, and modern DevSecOps practices. Additional responsibilities include developing reusable security patterns, performing architecture reviews, enhancing automation, and partnering with IT teams to mature the organization's security posture. Strong communication skills, deep technical proficiency, and experience with Azure/AWS infrastructures are essential for success in this role. This is an onsite direct hire opportunity in Arlington, VA, no contract, no sponsorship. Relocation assistance provided within the US. LI #HP-1

Come Forge the Future of Machine Identity Security for Operational Technology & Industrial Control Systems Where: Tysons, VA (Hybrid) Supporting: Our CTO At Corsha we're not just selling software; we're fundamentally reshaping how the most critical industrial and operational technology (OT) systems are secured. We're a cyber startup in the DC area, driven by a mission to bring trust, resilience, and identity to the operational systems that power our world - from factories to power grids. We're building the future of machine identity security, and we need a dynamic technical evangelist to join our front lines. Tired of the Status Quo? Ready to Secure the Unseen? Here's your Opportunity: If you're an engineer who thrives on solving hard problems, isn't afraid to get your hands dirty with industrial control systems and sees the immense potential of cybersecurity in unconventional environments, then read on. We move fast, we build for impact, and we need a security visionary to help us secure the machines that matter most. Your Mission: Secure the Industrial Edge We're looking for an OT Security Engineer to be a foundational engineer for our Machine Identity Platform (mIDP), specifically tailored for the unique and challenging landscape of OT systems. Your mission: implement, integrate, and defend the security infrastructure that underpins our cutting-edge solutions, with a heavy emphasis on industrial control systems and OT networks. This isn't just about keeping the lights on. It's about building security architectures that are inherently secure, highly available, and resilient against the most sophisticated threats, often in environments where traditional IT paradigms simply don't apply. You'll be bridging the gap between cutting-edge cybersecurity technologies and the operational realities of factories, power plants, and critical infrastructure. What You'll Be Forging: Architect and Implement OT Security Solutions: Design, deploy, and manage secure architectures for our mIDP, specifically tailored for OT environments. This includes network segmentation, routing, switching, firewall configurations, and intrusion detection systems. ICS/OT System Integration: Be the subject matter expert for integrating our mIDP with industrial control systems. This involves understanding and working with common industrial protocols (Modbus, OPC UA) and architectures (e.g., Purdue Model). Machine Identity Integration: Collaborate closely with our product and engineering teams to integrate security configurations with our mIDP, ensuring seamless and secure authentication and authorization for OT devices and applications. OT Network Hardening: Implement and enforce robust security best practices, including vulnerability management and access control for OT networks. Troubleshooting and Optimization: Proactively monitor, troubleshoot, and resolve complex security issues across ICS and OT environments. Identify and implement optimizations to enhance system performance, reliability, and security. Automation and Tooling: Develop and implement automation scripts and tools (e.g., Python, Ansible) to streamline provisioning, configuration management, and operational tasks. Documentation and Knowledge Sharing: Create comprehensive documentation, runbooks, and contribute to internal knowledge sharing to ensure maintainability and scalability of our infrastructure. Stay Ahead of the Curve: Continuously research and evaluate new cybersecurity technologies, security trends, and best practices, particularly as they relate to OT and industrial control systems. Collaborate and Mentor: Work closely with cross-functional teams (software engineers, security analysts, product managers) and provide mentorship to junior team members. What You'll Bring: 5+ years of intense experience in OT security or a related role, with a proven track record in complex, high-performance, and high-stakes environments. Deep, demonstrable expertise in industrial control systems and OT environments. You've implemented security products and solutions in real-world ICS/OT environments. Strong proficiency in network security principles: Firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), network access control (NAC), and secure communication protocols. Extensive hands-on experience with OT network architectures and protocols. You're comfortable with physical hardware and understand the nuances of industrial networks. Rock solid understanding of cybersecurity principles: vulnerability management, threat modeling, and incident response. Empathy for OT/ICS environments: You totally get the unique security challenges of Operational Technology, and understand common industrial protocols (Modbus, OPC UA) and architectures (e.g., Purdue Model). This isn't just a "nice-to-have"; it's critical. Proficiency in scripting and automation: Python, Ansible, or similar languages for automating security provisioning and operations. A relentless problem-solver: You thrive on diagnosing and resolving intricate security issues under pressure, with an unwavering focus on root cause analysis. Exceptional communication and collaboration skills: You can articulate complex technical concepts clearly and work seamlessly with cross-functional teams. Bachelor's degree in Computer Science, Engineering, or a related technical field, or equivalent practical experience. Self-starter with an insatiable curiosity: You're eager to learn, adapt, and drive solutions in a rapidly evolving, high-impact startup environment. Bonus Points For: Experience with specific machine identity solutions (PKI, certificates, secrets management). Hands-on experience with Kubernetes Knowledge of software-defined networking (SDN) solutions. Relevant industry certifications (e.g., CISSP, GICSP, CISM). Experience in a fast-paced startup environment. Why Forge your Path with Corsha? Real-World Impact: Your work won't just sit on a server; it will actively defend the critical operational systems that underpin our society. This is an opportunity to make a tangible, immediate difference. Bleeding Edge: Be at the forefront of securing the intersection of cybersecurity, machine identity, and OT. We're defining the future, not just following trends. Growth & Ownership: This is a startup - your contributions will directly shape our product, our culture, and our success. You'll work with incredible people that care and have impact. Culture of Innovation: Join a team of brilliant, passionate engineers dedicated to solving the hardest problems. We foster a collaborative, intellectually stimulating, and supportive environment. Competitive Compensation & Benefits: Wellness days, Generous PTO, Company-covered healthcare, 401k matching, paid parental leave, and of course snacks, lunches, and sustenance. Ready to step up and secure the critical future of identity? Join Our Mission Today. Reach out to us with your resume and why you think you'd make a stellar Corshian to *****************. We are an Equal Opportunity Employer and reasonable accommodations may be made to enable individuals with disabilities.

Creates cyber-intelligence tools / methods and performs research and analysis in order to mitigate and eliminate data and cyber security risks. Develops acceptance criteria for cybersecurity architecture. Investigates computer and information security incidents to determine extent of compromise to national security information and automated information systems. Assists with defining security objectives and system-level performance requirements. Researches and stays abreast of tools, techniques, countermeasures, and trends in computer network vulnerabilities. Configures and validates secure systems, tests security products/systems to detect computer and information security weaknesses. Maintains the computer and information security incident, damage and threat assessment programs. Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports. Involved in the periodic conduct of a review of each system's audits and monitors corrective actions until all actions are closed. Supports the development of integrated system solutions ensuring proprietary/confidential data and systems are protected. Involved in the establishment of strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems. Minimum Qualifications Bachelor's Degree in Computer Science or a related field or equivalent experience. 2-4 years of experience in systems security. Other Job Specific Skills Must be able to communicate effectively and clearly present technical approaches and findings. Exercises a limited degree of latitude in determining technical objectives of assignments. Excellent attention to detail. Must be able to balance multiple tasks simultaneously. #cjpost

Title: Application Security Engineer Clearance Required: Public Trust Position Type: Full-Time About the company: At VivSoft, we aim to solve complex federal problems using emerging and open technologies in a collaborative and rewarding environment. VivSoft is a diverse team of strategists, engineers, designers, and creators experienced in building high performance effective softwares, with impactful organizational design and organizational dynamics for software delivery. We build secure Software Factories based on DoD reference designs and NIST Frameworks for Cloud and DevSecOps. These factories deliver AI/ML Applications, Data Science Platforms, Blockchain and Microservices for DoD, Healthcare and Civilian Agencies Job Summary: We are seeking an Application Security Engineer to support the modernization of a large-scale enterprise software development platform. This role focuses on securing CI/CD pipelines, enforcing DevSecOps best practices, and implementing automated security testing throughout the SDLC. The engineer will work closely with development and platform engineering teams to embed security into reusable templates, GitHub Actions, and deployment workflows, ensuring applications are built and deployed securely across environments. Key Responsibilities: Using GitHub Advanced security, review security findings of the organization. Review, validate, and approve request to remediate security findings. Review, validate, and approve request to dismiss security findings. Collaborate with Federal POC and FDIC security team to create and implement application security processes and standards. Identify gaps and design solutions to improve application security at the FDIC. Provide guidance to FDIC developers in regard to remediating findings when needed. Required Skills: Bachelor's degree in Computer Science, Engineering, Information Technology, or related field, or equivalent professional experience. Proficiency in at least one or two major enterprise languages (e.g., Java, .Net, C#, JavaScript) to effectively review code and understand development context. Experience integrating security tools (SAST/DAST/SCA) into CI/CD pipelines to automate vulnerability scanning. Proficient in conducting and interpreting results from SAST (Static Analysis Security Testing) DAST (Dynamic Analysis Security Testing) Manual Code Review for security flaws Deep understanding of the OWASP Top 10 and other common application security attack vectors (e.g., injection, XSS, broken access control). Knowledge of security considerations for large, complex enterprise architectures, which may include Cloud Security (AWS, Azure, or GCP), API security, and microservices.

BASIC FUNCTION: The Senior Cybersecurity Engineer is responsible for safeguarding the client information systems, digital assets, and technology infrastructure. This role designs, deploys, and maintains advanced cybersecurity solutions that protect patient data, clinical systems, and enterprise applications. The Senior Cybersecurity Engineer ensures the client's technology environment remains secure, compliant, and resilient against emerging threats. This position combines hands-on technical expertise with strategic leadership, driving initiatives that enhance cybersecurity maturity and operational readiness across on-premises, hybrid, and cloud environments (e.g., Azure, AWS). The role is pivotal in incident response, risk management, and ongoing improvement of security controls in alignment with hospital policies and regulatory standards such as HIPAA, NIST 800-53, and ISO/IEC 27001. Salary: $130-140k Employment Type: Full-time, direct hire Location: Onsite 3 days/week, remote 2 days/week in Washington DC SUPERVISORY ACCOUNTABILITIES: This role does not have direct supervisory responsibility but may provide technical guidance and mentorship to junior cybersecurity staff, contractors, and project teams. The Senior Cybersecurity Engineer may lead cross-functional implementation teams and coordinate security initiatives with other IT departments. NATURE AND SCOPE: Operating in a fast-paced, high-impact healthcare technology environment, the Senior Cybersecurity Engineer reports to the Senior Director of Cybersecurity and collaborates with colleagues across Technology Services, including Infrastructure, Applications, Network Operations, and Compliance. Internal contacts include hospital administrators, clinical and research staff, faculty, and IT personnel. External contacts include technology vendors, auditors, and regulatory agencies. The role requires strong analytical skills, proactive threat awareness, and the ability to balance operational needs with strategic security objectives in a mission-critical healthcare setting. PRINCIPAL ACCOUNTABILITIES: Security Operations & Incident Response Monitor, analyze, and respond to security alerts, incidents, and anomalies across hospital systems. Conduct vulnerability assessments, penetration tests, and threat-hunting activities to identify and mitigate risks. Investigate and document security incidents, performing root cause analyses and recommending remediation measures. Utilize SIEM, EDR, and IDS/IPS platforms (e.g., CrowdStrike, Microsoft Sentinel) to enhance continuous monitoring. Security Engineering & Architecture Design, implement, and manage enterprise cybersecurity controls, including firewalls, NAC, DLP, CASB, and endpoint protection systems. Support secure configuration management using CIS Benchmarks and STIGs. Implement and maintain identity and access management (IAM), multifactor authentication (MFA), and privileged access controls. Integrate security practices into DevOps processes and CI/CD pipelines (DevSecOps). Support the adoption and enforcement of Zero Trust Architecture principles across hybrid and cloud environments. Governance, Risk, and Compliance Ensure adherence to cybersecurity frameworks and regulatory standards, including HIPAA, NIST 800-53, ISO/IEC 27001, PCI DSS, and GDPR. Contribute to the creation and maintenance of security policies, procedures, and documentation. Support internal and external audits, risk assessments, and compliance reviews. Participate in disaster recovery and business continuity planning activities. Collaboration, Training, and Awareness Collaborate with IT, Compliance, and Clinical Operations to integrate security into all technology operations. Provide mentorship and technical guidance to IT staff and cybersecurity personnel. Develop and deliver training on secure computing, phishing prevention, and data protection best practices. Communicate complex technical concepts clearly to diverse audiences, promoting shared responsibility for security. CORE COMPETENCIES: Strategic Thinking: Align cybersecurity initiatives with hospital priorities and risk management goals. Technical Expertise: Deep knowledge of enterprise and cloud security controls, architectures, and technologies. Incident Response: Skilled in threat analysis, vulnerability mitigation, and incident management. Collaboration: Strong interpersonal and communication skills for cross-departmental teamwork. Innovation: Ability to evaluate emerging tools, techniques, and threat intelligence for proactive defense. Compliance Knowledge: Familiarity with HIPAA, NIST, ISO 27001, PCI DSS, and related standards. Problem Solving: Detail-oriented and methodical approach to resolving complex security challenges. Adaptability: Capable of managing multiple priorities and responding quickly to evolving threats. MINIMUM REQUIREMENTS: Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field required. Master's degree in Business Administration, Cybersecurity, or related discipline preferred. Experience: 7-10 years of progressive experience in information security, with at least 5 years in a security engineering role. Proven experience securing hybrid infrastructures, including on-premises systems and cloud environments (Azure, AWS, GCP). Hands-on expertise with enterprise tools such as Microsoft Defender Suite, Cisco ISE, CrowdStrike Falcon, and Azure Sentinel. Proficiency in scripting languages (e.g., PowerShell, Python) for automation and threat analysis. Certifications (one or more preferred): CISSP (Certified Information Systems Security Professional) CISM (Certified Information Security Manager) CCSP (Certified Cloud Security Professional) AWS Certified Security - Specialty Microsoft Certified: Azure Security Engineer Associate SABSA or TOGAF (preferred)

Employment Type: Full-Time Strategies SteerBridge Strategies is a CVE-Verified, Service-Disabled Veteran-Owned Small Business (SDVOSB) delivering a broad spectrum of professional services to the U.S. Government and private sector. Backed by decades of hands-on experience in federal acquisition and procurement, we deliver agile, best-in-class commercial solutions that drive mission success. Our strength lies in our people-especially the veterans whose leadership, discipline, and dedication shape everything we do. At SteerBridge, we don't just hire talent-we empower it. We cultivate meaningful career paths for those who have served and for those who share our commitment to excellence, innovation, and service. Position Overview SteerBridge Strategies is seeking a highly accomplished Security Architect to support our Modern Disability Claims (MDC) initiative-a transformative effort to modernize claims processing systems for the Department of Veterans Affairs (VA). This mission-critical project enhances the security, reliability, and operational efficiency of systems entrusted with sensitive Veteran information. As the Security Architect, you will serve as a strategic and technical authority, guiding cybersecurity architecture across cloud and hybrid environments, ensuring compliance with federal and VA mandates, and fortifying the systems that safeguard the data of those who have served our nation. This is a rare opportunity to apply your expertise at scale while shaping the future of secure digital services for millions of Veterans. Key Responsibilities Architect secure, scalable, and resilient solutions across cloud and hybrid infrastructures supporting VA claims systems. Partner with engineering, infrastructure, and compliance teams to embed secure design principles throughout the system lifecycle. Develop, maintain, and continuously refine System Security Plans (SSPs); lead all phases of the ATO process. Interpret and apply NIST 800-53, NIST 800-171, FedRAMP High, and VA-specific cybersecurity requirements across system and data environments. Lead full RMF lifecycle activities-from system categorization through continuous monitoring and ongoing authorization. Conduct comprehensive risk assessments, gap analyses, and vulnerability remediation planning. Oversee the creation of cyber policies, technical documentation, audit-ready control evidence, and security reporting. Coordinate and participate in security audits, penetration tests, incident response actions, and forensic investigations. Serve as a subject matter expert in data protection, encryption technologies, identity/access controls, and secure SDLC best practices. Collaborate with ISSOs, ISSEs, and federal security teams to ensure seamless security alignment and compliance. Required Qualifications U.S. Citizenship required Bachelor's or Master's degree in Cybersecurity, Information Systems, or a related field Active Secret clearance or ability to obtain one 10+ years of cybersecurity architecture experience in federal or large enterprise environments Deep expertise in NIST 800-171, NIST 800-53, FedRAMP, and federal cybersecurity frameworks Proven experience developing ATO packages and leading security authorization activities Strong background in system hardening, network security, encryption protocols, and secure SDLC Experience architecting secure solutions in AWS, Azure, and/or GCP environments Exceptional written and verbal communication skills with the ability to produce audit-ready documentation Experience coordinating with ISSOs, ISSEs, federal security teams, and cross-functional engineering groups Preferred Qualifications Certifications such as CISSP, CAP, CISM, or equivalent Cloud architecture experience or cloud-related certifications Familiarity with VA security requirements, VAEC, and Veteran-focused IT systems Hands-on experience designing solutions to FedRAMP High baselines Benefits Health Insurance Dental Insurance Vision Insurance Life Insurance 401(k) Retirement Plan with Company Matching Paid Time Off (PTO) Paid Federal Holidays A competitive salary commensurate with experience will be offered. Equal Opportunity Commitment SteerBridge Strategies is proud to be an Equal Opportunity Employer. We are committed to fostering a diverse and inclusive workplace where all qualified applicants and employees are treated with respect and dignity-regardless of race, color, gender, age, religion, national origin, ancestry, disability, veteran status, genetic information, sexual orientation, or any other characteristic protected by law. We also provide reasonable accommodations for individuals with disabilities. If you require assistance during the application process, please reach out so we can support your needs.

Senior Security Engineer (Information Security Analyst IV) Clearance: Public Trust (U.S. Citizen or Green Card Holder; 3+ years U.S. residency required) Business Unit: Digital Modernization Role Summary The Senior Security Engineer supports the Department of Transportation's (DOT) Cybersecurity mission by enhancing and maintaining the security posture of DOT information systems and infrastructure. These systems play a critical role in safeguarding U.S. critical infrastructure, including highways, bridges, and roadways. This position provides advanced security engineering, participates in strategic security design, and delivers technical expertise for integrated security systems and endpoint protection. The role requires independent decision-making, leadership, and the ability to guide less experienced staff. It also involves complex problem-solving, interaction with senior federal leadership, and contributions that directly impact mission and schedule outcomes. Key Responsibilities Implement endpoint protection profile changes to address external threats and enforce security requirements. Coordinate with application, infrastructure, and engineering teams to troubleshoot endpoint protection software issues. Integrate endpoint security data with security log aggregation tools, including SIEM platforms. Participate in cybersecurity incident handling activities as requested. Stay current on emerging threats, vulnerabilities, and industry best practices related to endpoint security. Work assigned cybersecurity and security operations ITSM (ServiceNow) tickets through completion. Participate in Cybersecurity and Security Operations (SecOps) meetings. Collaborate on cybersecurity solutions that enhance the DOT's security posture. Configure, validate, and test secure systems and physical controls to detect security weaknesses. Contribute to strategic security design efforts, translating business and security requirements into technical solutions. Recommend policy changes and guide others in achieving departmental cybersecurity objectives. Required Technical Skills Endpoint protection management solutions (hands-on experience). Proven understanding of Federal cybersecurity requirements, including FISMA and the NIST 800 series. Ability to articulate endpoint security concepts to non-technical stakeholders. Demonstrated experience collaborating across cross-functional cybersecurity teams. Ability to evaluate complex security problems and apply judgment within established practices and policies. Experience with integration of endpoint security data into SIEM or log aggregation tools. Experience working security operations tickets within ServiceNow. Knowledge of security systems, secure configuration, validation, and testing methodologies. Preferred / Nice-to-Have Skills Foundational understanding of: Application and technology stacks Cloud-based systems Operating systems Databases Networking Firewalls Data Loss Prevention (DLP) Endpoint security software Network IDS/IPS Host-based IDS/IPS General cybersecurity best practices and industry standards Qualifications & Experience 9+ years of experience in Cybersecurity or related IT fields. Bachelor's degree + 9 years OR Master's degree + 7 years of experience Technical Certifications (one or more required): Network+ Security+ SSCP GISF ISACA Cybersecurity Fundamentals Or similar technical cybersecurity certification Ability to obtain and maintain a Public Trust clearance. Benefits (employee contribution): Health insurance Health savings account Dental insurance Vision insurance Flexible spending accounts Life insurance Retirement plan All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Staffing Pros, a division of VETS Inc., is recruiting for a full-time Qualys Security Engineer onsite in Washington, DC or Beltsville, MD. This position requires an Active Secret Clearance. This position is based on-site at either the Washington, DC or Beltsville, MD office, with occasional travel between the two locations. Oversee day-to-day management of the Qualys platform including agents, scanners, and connectors. Optimize scan configurations, authentication methods, and template deployments. Review and interpret scan results to generate actionable intelligence for technical and non-technical audiences. Partner with infrastructure, development, and SOC teams to validate findings and drive remediation efforts. Automate tasks using Qualys APIs and custom scripts to support reporting and data integration. Maintain an up-to-date asset inventory through discovery and classification workflows. Minimize false positives through tuning and validation. Conduct policy compliance assessments in support of regulatory frameworks. Provide guidance and mentorship to junior analysts in vulnerability management best practices. Qualifications: Basic Qualifications 5+ years of hands-on experience with vulnerability scanning tools (strong preference for Qualys). Must be able to commute to Beltsville, MD or Washington, DC for full-time onsite work. Proficiency in scripting (Python, PowerShell, or Bash). Familiarity with network protocols, OS security (Windows/Linux), and web application vulnerabilities. Understanding of compliance standards and frameworks (e.g., NIST 800-53, CIS Controls, ISO 27001.) Qualys Vulnerability Management & Policy Compliance. Qualys Web Application Scanning. Automation using Qualys APIs. Network architecture and protocol knowledge. Database and OS-level security. Vulnerability lifecycle and remediation strategies. Excellent written and verbal communication. Strong problem-solving and analytical mindset. Ability to operate independently or as part of a multi-disciplinary team. Solid documentation and reporting practices. Experience engaging with cross-functional stakeholders. US Citizenship with a Secret clearance with the ability to obtain a Top Secret clearance. Preferred Qualifications Professional certifications: CISSP, CEH, GIAC, or equivalent. Exposure to other scanning tools (e.g., Tenable, Rapid7). Familiarity with public cloud security models (AWS, Azure, GCP). Experience with configuration management tools and CI/CD pipelines. Background in system administration, network engineering, or DevSecOps. EEO Statement Staffing Pros a division of VETS-inc is an Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities. The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.

Through NRI (formally Core BTS) Resource Management Services (RMS), we offer custom talent solutions to help our clients meet their evolving technology and business needs. We help effectively match the right technology professional to their organization, recruiting for contract, contract-to-hire, and direct roles. Our client within the financial industry is in need of a Network Security Engineer to join their team. Qualified candidates MUST be US Citizens with the ability to obtain a US Government issued security clearance. Overview The Network Security Engineer is primarily responsible for configuring, deploying and maintaining secure network infrastructures to protect organizational data and resources from internal and external threats. This role involves monitoring networks for security vulnerabilities, investigating incidents, and deploying security solutions to mitigate attacks. This role also includes ensuring the high availability of networking security infrastructure and developing processes and procedures for ongoing management of the network environment. The ideal candidate possesses a strong technical background, analytical skills, and a proactive approach to network defense. Responsibilities Design, configure, and manage secure network architectures, including firewalls, VPNs, IDS/IPS, and other security appliances Maintain Next Generation firewalls and monitor/manage consoles or systems Manage all firewalls at our client, including firewall rules to ensure alignment with IT Security Policies Interact and negotiate with vendors, outsourcers, and contractors to secure network products and services Support the deployment of workstations, network devices, servers, printers, scanners, firewalls, encryption systems, and all host security systems Monitor network traffic and system logs to identify suspicious activities and potential threats Respond to and investigate security incidents, performing root cause analysis and implementing corrective actions Enforce network security policies, procedures, and best practices Manage and update network access controls, including user authentication and authorization mechanisms Collaborate with IT teams to ensure secure integration of new technologies and systems Maintain up-to-date knowledge of the latest cybersecurity trends, threats, and technologies Create and/or maintain network design diagrams and documentation Create and/or maintain network service monitoring, alerting, and responding to incidents Coach and guide team members with less experience Maintain excellent communication with internal and external parties Participate in rotational “on‐call” schedules Remain cognizant of and adheres to our client's policies, procedures, and regulations pertaining to the Bank Secrecy Act (BSA) Qualifications Required Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience) Minimum 5 years proven experience in configuring and administering on-premises and cloud based Next Generation Firewalls (NGFW) and IDS/IPS systems such as; Cisco Firepower, Fortinet FortiGate, and Microsoft Azure Minimum 5 years proven experience in network security engineering or a related IT security role Strong understanding of networking protocols, network routing, operating systems, and security technologies (e.g., firewalls, proxies, SIEM, IDS/IPS) Understanding of network security applications and systems such as e-mail gateway, web gateway, firewalls, and proxies The ability to assist in authoring and reviewing security policy, standards, and procedures Excellent problem-solving, analytical, and communication skills Ability to work independently and collaboratively in a fast-paced, dynamic environment Strong attention to detail and commitment to maintaining confidentiality and integrity of sensitive information Effective oral and written communication skills Ability to interact effectively with all levels of the organization and/or with vendors Ability to obtain and maintain a secret level security clearance A standard 8-hour shift between the core hours of 7:00 AM and 5:00 PM is required to support our client's operations Occasional after-hours or on-call work may be required to respond to security incidents or perform system upgrades. Ability to work effectively on-site in our Herndon, VA headquarters and equally effectively remotely Network Security Engineers typically work in hybrid work environment consisting of three days on site at our client's Corporate Headquarters in Herndon, VA, and 2 days remote. Hybrid work is at management discretion and typically granted after an initial onboarding period Preferred Professional certifications such as CCNA, CISM, CCNP Security, or similar

Hybrid - remote allowed, but should live in driving proximity to Springfield, VA Travel: up to 25 percent mostly to Chicago and Atlanta** Direct Hire with Benefits In this role you will guide the security direction for a hybrid environment that spans on premises systems and cloud platforms including Microsoft Dynamics Microsoft 365 Azure directory and the Microsoft security ecosystem. You will also work hands on with firewalls support multi-site network uptime document standards train users and collaborate closely with software and security vendors. This position requires someone who enjoys being the subject matter expert who can see the big picture while also building and improving day to day systems. What you will do Lead security operations including assessment mitigation and incident response Support and maintain the network across multiple facilities with a focus on reliability and resilience Plan and implement architecture improvements for both on premises and cloud based environments Work with business and software vendors to evaluate tools resolve issues and drive enhancements Develop and maintain documentation playbooks and standards for network and security operations Provide user training on security best practices and new technologies Drive continuous improvement by exploring and recommending modern solutions What we are looking for Five or more years of hands on experience in security engineering or network security Experience supporting hybrid environments on premises and cloud Strong familiarity with Microsoft based ecosystems including Dynamics M365 Azure directory Sentinel Defender P2 and E5 Background working with firewalls pfsense or similar Ability to design troubleshoot and document network architectures Experience responding to security events and closing security gaps Comfort interacting with external vendors and internal teams Clear communication skills solid documentation habits and a growth mindset Candidates must be based in Virginia and open to regional travel up to 25 percent If you enjoy being the trusted expert for both networking and security and want the freedom to influence modern solutions this role offers the autonomy and impact you are looking for.

ISSO Industry: Government Contracting Our client is seeking a talented ISSO to join their team. This position will support the Assistant Secretary for Administration (ASA) under guidance from the CIO's Information System Security Manager (ISSM). The candidate will ensure a portfolio of 4 systems are in compliance with applicable NIST standards, and provide standard ISSO services. The candidate will also work closely with the other ISSOs supporting the client customers to provide leadership and mentoring and ensure consistent delivery of ISSO services. ISSO Key Responsibilities: · Ensure applicable cybersecurity policies are implemented for systems and information system-related physical security also under purview. · Maintain operational security posture consistent with current security policy. · Report actual or suspected computer-security incidents to DOT CSIRC within time frames established by DOT Incident Response policy for incident types in accordance with US-CERT. · Distribute cybersecurity notices and advisories to appropriate personnel and that vendor-issued security patches are expeditiously installed. · Serve as primary security to system owners, common control providers, and users. · Serve as focal point for cybersecurity incident reporting and subsequent resolution. · Assisting ISSM in reviewing contracts for information systems under the Component's control to ensure that cybersecurity is appropriately addressed in contract language. · Ensure all security-related SDLC documentation meets all identified security needs. · Maintain Security Assessment and Authorization (SA&A) documentation for information systems under purview according to DoT Cybersecurity Policy and Compendium. · Ensure selection of NIST SP 800-53 baseline security controls are appropriate for system based on FIPS 199 security categorization, NIST SP 800-53 guidance, and supplemental DOT policy specified in DoT Cybersecurity Compendium. · Assist System Owner, Information Owner, and ISSM in recording all known security weaknesses of assigned information systems in POA&Ms IAW DoT policy and procedures. · Track all security education and awareness training conducted for personnel and contractors, as required by DoT Cybersecurity Policy and Compendium. · Provide security advice to AO and System Owner on all matters (technical and otherwise) involving security of the information system. · Ensure required updates are performed to key documents in accordance with NIST SP 800-37 for continuous monitoring. · Identify changes to systems that may impact security controls, perform security impact assessment of proposed changes, report any change in risk posture, and provide recommendations for risk mitigation. · Ensure proper backup procedures exist for assigned information systems and that procedures are performed and tested in accordance with System Security Plan. · Assist System Owner and ISSM to ensure external connections to/from DoT information systems and networks are provided by an approved DoT Trusted Internet Connection Access Provider (TICAP) or DoT-approved Managed TIC Provider Service (MTIPS). · Ensure audit logs are captured, maintained, and analyzed as required by NIST SP 800- 53 and any supplemental Departmental Cybersecurity Policy and the Compendium. · Ensure DoT enterprise information security management system (CSAM or its successors) accurately contains required information system inventory, categorization, POA&Ms and other security metrics required by DoT CIO through this policy. · Complete mandatory annual specialized information security training. ISSO Required Skills:8+ years of experience in IT Security Certified Information Systems Security Professional (CISSP) certification. Understanding of NIST 800.53 and its applicability to IT Systems. Expertise with Risk Management Framework, FEDRAMP and FISMA. Understanding authentication in the cloud environment. Experience with continuous monitoring of a cloud system Experience working on assessments with third party assessments organization (3PAO) AWS/Azure associate certified ISSO Compensation and benefits: $120,000 Company-supported medical, dental, vision, life, STD, and LTD insurance Benefits include 10 federal holidays and PTO. 401(k) with company matching Flexible Spending Accounts for commuter, medical, and dependent care expenses Tuition Assistance

The selected candidate will be responsible for the following: Support the ITP network infrastructure, perform all routine maintenance activities, provide guidance on upgrades and system recapitalization, perform availability/capacity management. Oversee High Speed Guard Cross Domain solution that supports the transfer of data between multiple classification domains. Support all documentation to effectively capture the configuration baseline. Design and support system recapitalization plans to account for capacity growth and changes as directed by the customer. Serve as the subject matter expert on all ITP network infrastructure. Basic Qualifications: Bachelors degree and (12)+ years of prior relevant experience or Masters with (10)+ years of prior relevant experience Prior leadership responsibilities Excellent written and oral communication skills Experienced and adept at developing and maintaining technical documents, analyses, and reports Experienced with preparing and presenting briefings to senior customer management, and customer stakeholders Working knowledge of defense-in-depth principles, network/HW/SW security architecture, network topology, IT device integrity, and common security elements Active Top Secret government security clearance; ability to obtain DHS EOD SCI Preferred Qualifications: Master's degree from an accredited college or university in IT Management, Engineering, or related field Proven experience (10+ years) in IT service delivery management Experience with User Activity Monitoring products and platforms Experience with Everfox High Speed Guard Platform Experience with Cisco, Juniper LAN/WAN network infrastructure Experience with Palo Alto Firewalls DHS Cleared preferred CCNP or Higher ForcePoint/FirePower Experience

What this Job Entails: The Network Deployment Engineer II will design, develop, build and test systems and products based on optic, photonic and laser technologies. The position will interact with device, hardware and software design teams to assist in overall development of optical systems. The position will be responsible for specifying, selecting and qualifying active and passive optical components. The role will also assist with developing and benchmarking system performance models, developing and assisting with implementing test procedures and/or evaluating and selecting appropriate test instrumentation. Scope: Applies company policies and procedures to resolve a variety of issues Works on problems of moderate scope Receives general instructions on routine work and detailed instructions on new projects Your Roles and Responsibilities: Deploy, configure, and support a large-scale production and corporate network and server infrastructure in data centers and Point of Presence (POP) sites throughout the assigned region Calculate and document equipment power requirements and work with Engineering, Facilities Operations, and/or collocation vendors to meet these requirements Participate in project timelines to support network turn-up within expected completion intervals Responsible for asset management of networking gear in datacenter and POP sites Proactively contribute to documentation, automation and processes as they evolve Create network and server rack face elevations, floor plans, wiring diagrams, and detailed port maps for new deployments and documentation Create statements of work for vendors at the POP sites Prepare cage and rack designs, and understand the overall needs of POP infrastructure Document and follow RMA processes and procedures for all relevant vendors Follow, improve, and implement data center and POP best practices Provide necessary escalations to higher support tier; assist Sales and Customer Support with technical operations, and work with internal departments to ensure customer satisfaction Work closely with Network Engineering, Logistics, and equipment vendors as new equipment and technologies are integrated into the production network Use internal tools and scripts to configure, monitor, and repair servers and network equipment Detect and diagnose various error/failure conditions across an array of server types Other duties as required. This list is not meant to be a comprehensive inventory of all responsibilities assigned to this position Required Qualifications/Skills: Bachelor's degree (B.S/B.A) from four-college or university and 2 to 5 years' related experience and/or training; or equivalent combination of education and experience Builds productive internal and external working relationships Exercises judgment within defined procedures and practices to determine appropriate action Must have an understanding of data center network architecture and common issues related to data center networks Knowledgeable in data center practices (i.e. cable routing, calculating power usage and cooling) Experience with field-based work in POPs, carrier hotels, or central office environments Experience with enterprise and service provider network hardware platforms and architectures, including data center switching platforms Must have a sound and in-depth understanding of IP technologies such as MPLS, BGP, RSVP-TE, IS-IS Basic understanding of transmission technology and circuit troubleshooting techniques Solid understanding of fiber-optic technology including cable types, connector types, optic types, patch panels, and optical transport technologies Proficiency in various operating systems Ability to capture and analyze traffic Solid understanding of queue management for tasks and incidents, vendor engagement, and escalation and participation in ongoing POPs deployment projects Demonstrated ability to analyze complex situations and utilize troubleshooting skills, systems and tools, and creative problem solving abilities under pressure Excellent communication skills Experience in dealing with service providers and colocation facilities around the world Ability to work within a global team in a fast-paced and dynamic environment with limited supervision Strong attention to detail with excellent time management and organization skills 20% to 50% of travel required Preferred Qualifications: Understanding of various scripting languages is strongly desired Certification such as CCNA, JNCIA, RHCT, or equivalent experience Physical Demand & Work Environment: Must have the ability to lift/move 30-40 lbs. Must have the ability to perform office-related tasks which may include prolonged sitting or standing Must have the ability to move from place to place within an office environment Must be able to use a computer Must have the ability to communicate effectively Some positions may require occasional repetitive motion or movements of the wrists, hands, and/or fingers

Cleared Network Engineer Full-time, Onsite (JBAB D.C.) An active TS/SCI security clearance is a must to apply! We're looking for an adept networking professional who is passionate about deploying and operating technologies that enable highly scalable and available resources for the applications users rely upon. Company POC is a senior-level technologist with direct experience in the environment. This perspective along with the long-term thinking at the company drives focus on the best all-around match for the customer, team member, and company. Responsibilities: Work within the networking team to administer the existing network environment Serve as an escalation point for network administrators Assist with planning of system design, layout and development of baseline configuration for an enterprise network Assist with developing test plans and procedures to implement and validate the organization's requirement for reliability and high availability. Deploy health monitoring and predictive alerts across all sites and networks. Analyze legacy infrastructure and provide recommendations for lifecycle, modernization, and migration strategies. Collaborate with security teams to ensure compliance with security controls Mentor other technical staff on the team Assist in the design and implementation to scale network automation and management Requirements: 6 years of relevant experience CCNP Infrastructure, Datacenter, or Security (but must be well versed in enterprise route/switch)

Harmonia Holdings Group, LLC is an award-winning, rapidly growing federal government contractor committed to providing innovative, high-performing solutions to our government clients and focused on fostering a workplace that encourages growth, initiative, creativity, and employee satisfaction. SME Network Engineer Location: Lorton, VA (22079) Citizenship: U.S. Citizen (required for access to DHS IT systems) Clearance: Must be able to obtain and maintain DHS/ICE Fitness Determination (Public Trust), including a favorable preliminary Fitness and full NBIS eAPP investigation (SF-85P, OF-306, SSA-89, fingerprints, PREA questionnaire if required) Schedule: Full-time; business hours (7:00-5:30, M-F) with required 24/7 on-call availability Hybrid Work: Lorton, VA roles may telework up to 2 days per week; 3 days onsite required (subject to mission needs) Travel: Occasional CONUS travel; local travel within 50 miles is not reimbursable Role Overview Harmonia Holdings Group is seeking an experienced SME Network Engineer to support DHS ICE Homeland Security Investigations (HSI) Title III and Linguists Unit (T3LU) under the CALEA program. This role provides hands-on leadership across all network engineering functions, including architecture, routing, switching, firewall engineering, VPN and PKI integration, segmentation design, troubleshooting, and IA/accreditation-grade documentation. The SME ensures the integrity, resilience, and performance of mission-critical CALEA networks and collaborates closely with Systems, Virtualization, Storage, and Field Engineering teams to ensure end-to-end operational success. This position supports DHS's mission while contributing to Harmonia's overarching goals: delivering premier technology services, driving mission-focused innovation, sustaining organizational excellence, and being an employer of choice for skilled professionals. Responsibilities Network Architecture & Design Design, document, and maintain CALEA network architecture, including: Layer 2/Layer 3 topology IP address schema and subnetting VLAN/VRF segmentation Routing design (OSPF, BGP, EIGRP, static routing) Firewall zoning, NAT policies, and security segmentation VPN tunnels, encrypted transport paths, and PKI integrations COOP/DR network routing and failover paths Produce and maintain authoritative network diagrams, data flows, trust boundaries, and configuration baselines. Evaluate, recommend, and implement enhancements to improve security, availability, and performance. Network Operations & Troubleshooting Serve as the primary network engineer for diagnosing, resolving, and preventing outages across the CALEA enterprise. Perform packet-level analysis (Wireshark/tcpdump), flow analysis, and log correlation to identify and remediate issues. Lead network upgrades, configuration changes, ACL/policy adjustments, and planned maintenance. Monitor network performance and availability; tune routing, firewall, and VPN parameters as needed. Firewall, Security & Accreditation Support Engineer and maintain firewall policies and segmentation (Palo Alto preferred; Fortinet/Cisco ASA experience acceptable). Support security hardening, vulnerability remediation, and IA/ATO documentation requirements. Produce accreditation-ready artifacts, including boundary diagrams, data-flow representations, rule documentation, and enclave segmentation maps. Collaborate with ISSO and security teams to address findings and strengthen compliance posture. Interoperability & Cross-Domain Integration Document and support network dependencies across Active Directory, DNS/DHCP, VMware/vSphere, SAN/iSCSI/NFS storage, and application tiers. Validate end-to-end system functionality after network changes. Partner with Systems, Virtualization, Storage, and Field SMEs to maintain seamless operations across CALEA sites. COOP/DR & Lab Engineering Contribute to COOP/DR planning, design, and testing to ensure high availability and rapid failover capabilities. Support lab environment setup for replication, patch validation, and network simulation. Documentation & Mission Coordination Maintain technical documentation, diagrams, IP plans, SOPs, and configuration repositories. Coordinate with Harmonia and ICE technical leads to resolve issues, support field operations, and sustain mission readiness. Required Qualifications Bachelor's degree in IT, Engineering, or related field OR +5 years equivalent experience. 10+ years of enterprise network engineering experience with increasing responsibility. Technical Proficiency Deep hands-on experience with: Cisco routing/switching (3k-9k platforms) Palo Alto or Fortinet firewalls and policy design VPN architecture, IPsec tunneling, PKI integration Network segmentation using VLANs, VRFs, and security zones Packet capture and analysis Network monitoring and telemetry tools (SolarWinds, NetFlow, Splunk, etc.) Demonstrated ability to produce complete network diagrams and architecture documentation based solely on device configuration, logs, and analysis. Strong understanding of cross-domain interactions (DNS, AD, VMware networking, SAN connectivity). Preferred Certifications CCNA, CCNP Enterprise, or CCNP Security PCNSE Fortinet NSE4/NSE5 CCIE-level competency (or equivalent expertise) Additional certifications may be required after hire and must be obtained within designated timelines. Professional Competencies Excellent communication skills with both technical and non-technical stakeholders. Proven ability to work independently in high-pressure, mission-critical environments. Strong analytical, investigative, and documentation skills. Preferred Experience Experience supporting federal law enforcement IT systems or CALEA-aligned mission operations. Hands-on participation in COOP/DR architecture or failover site execution. Experience with VPN transitions, network segmentation, and multi-site resiliency. Familiarity with Kubernetes/container environments (e.g., JSI platforms). Experience supporting 24/7 high-availability operations. Soft Skills Strong initiative and attention to detail. Adaptability to evolving mission requirements and operational tempo. Collaborative approach with technical teams, vendors, and government partners. Alignment with Harmonia's principles of excellence, collaboration, curiosity, and integrity. Physical Demands / Work Environment Must regularly lift/move up to 50 lbs.; occasionally up to 80 lbs. using a hand truck or lift cart. Requires standing, kneeling, crouching, and navigating server-room environments. Normal vision and hearing required; moderate server-room noise.

A successful candidate will implement, provide, and monitor technical support of customer environments, conduct, and maintain inventories of client systems, support operating systems, desktop peripherals, software, core desktop applications and imaging of computers. The Network Specialist will have an in-depth knowledge of Cisco, Palo Alto, F5 and the maintenance of computer systems and computer environments. Requirements: Install, configure, maintain, and optimize LAN and WAN infrastructure, including routers, switches, VPN appliances, load balancers, and security devices. Ensure timely application of security patches to all network infrastructure devices, including routers, switches, voice and video systems, and security appliances. Monitor and analyze network performance using network management tools, troubleshooting network issues, and optimizing performance based on industry best practices. Maintain an up-to-date inventory of network assets, including hardware and software components, and ensure efficient asset tracking and lifecycle management. Provide design recommendations, technical feedback, and support during engineering meetings to contribute to the planning and execution of network projects. Manage data center network infrastructure, assist with storage and virtualization systems, and collaborate with relevant teams on infrastructure expansion and improvements. Stay informed of emerging technologies, trends, and best practices in communications, networking devices, and system security. Troubleshoot and resolve network-related problems and outages, including those affecting voice, video, and data services, schedule necessary network upgrades and optimizations. Demonstrate expertise in routing, switching, and firewall configuration, supporting complex and secure LAN/WAN networks. Understand and support Linux/Unix and Windows operating systems, including system security management, to ensure smooth integration with network services. Submit detailed and accurate reports on network performance, incidents, upgrades, and infrastructure status as required. Act as the primary point of contact for clients, addressing software and hardware-related inquiries and troubleshooting issues promptly. Actively participate in team meetings to share updates, ideas, and solutions; lead or assist in network or related projects, ensuring timely completion and adherence to objectives. Lead or assist in the execution of network or system-related projects, ensuring proper planning, coordination, and adherence to timelines. Implement and enforce security protocols for network infrastructure and systems to prevent unauthorized access, malware, and other security threats. Work with the team to plan and implement backup and disaster recovery solutions to ensure the resilience of network and data services. Collaborate with cross-functional teams to troubleshoot complex technical issues, ensuring swift resolution or escalation when necessary. Perform additional tasks and duties as assigned, contributing to the overall success and functioning of the team and organization. Critical Skills: Excellent customer service skills complemented by an ability to listen to and interpret client requests Cisco Router and switch configuration?(IOS/NX-OS) Palo Alto NextGen Firewall and VPN configuration experience Experience with General Dynamics Taclanes and/or GEMOne?? F5 Load Balancer Knowledge GTM/Big DNS Knowledge Technically proficient and experienced with Windows and Unix/Linux operating systems, network security, network traffic analysis, incident response, vulnerability analysis, packet analysis, and systems hardening. Possesses proficient knowledge of layer 2 switching and layer 3 routing protocols, encryption protocols, communication protocols. Examples include but not limited to: TLS/SSL, IPsec, SSH, BGP, VLAN, LLDP, LACP, ARP, 802.1x, DNS, AES, NTP, etc. Network Design and Implementation Network Troubleshooting Network Performance Tuning Ability to identify, track and complete tasks for multiple projects under prescribed timeframes. Non-Negotiable Requirements: Top Secret with investigation current within the last 5 years On-site, no remote Technical Environment: Microsoft, Linux, Splunk, Ansible, Tenable, GEMS A notification to prospective applicants that reviews, and tests for the absence of any illegal drug as defined in 10 CFR 707.4, will be conducted by the employer and a background investigation by the Federal government may be required to obtain an access authorization prior to employment, and that subsequent reinvestigations may be required. If the position is covered by the Counterintelligence Evaluation Program regulations at 10 CFR part 709, the announcement should also alert applicants that successful completion of a counterintelligence evaluation may include a counterintelligence-scope polygraph examination. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.