Security engineer jobs in Johnson City, TN

MANTECH seeks a motivated, career and customer-oriented Cyber Security Engineer Lead to join our team in Springfield, VA. The Cyber Security Engineer Lead is responsible for the detection, identification, analysis, and reporting of cyber threats, intrusions, anomalous activities, and potential misuse of systems. This role supports the protection of customer's digital assets and sensitive data through the administration, monitoring, and continuous improvement of cybersecurity technologies and processes. Responsibilities include but are not limited to: Threat Detection & Response: Identify, assess, and report potential cyber-attacks, intrusions, and abnormal system behaviors. Participate actively in incident response and recovery activities. Technology Administration: Administer and maintain systems supporting Identity Management, Privileged User Access, Access Control (firewall), End Point Protection, Internet Protection, Vulnerability Scanning, and Security Information and Event Management (SIEM) tools. Mitigation & Remediation: Develop and implement enterprise-level mitigation strategies to address complex vulnerabilities. Operational Support: Ensure proper installation, testing, patching, upgrading, and performance of cybersecurity tools and applications. Maintain system resiliency and availability across all managed technologies. Policy Enforcement & Compliance: Enforce cybersecurity policies, standards, and best practices in alignment with ManTech's security framework and regulatory requirements. Leadership & Collaboration: Lead or participate in cross-functional projects and initiatives. Provide technical mentorship and subject matter expertise to junior team members.; Continuous Improvement: Interpret internal and external cybersecurity trends and business challenges; recommend and implement innovative solutions to strengthen the enterprise security posture. Monitor intrusion detection and prevention systems and other security event data sources; determine if security events monitored should be escalated to incidents and follow all applicable incident response and reporting processes and procedures. Minimum Qualifications: Bachelor's Degree in Cybersecurity, Information Technology, Computer Science, or a related Cyber Security field. Certified Information Systems Security Professional (CISSP) certification (required within 6 months of assignment to the position, otherwise failure to obtain certification within 6 months of assignment to the position may result in removal). 8+ years of relevant cybersecurity experience, including hands-on technical administration and operational security support. Strong analytical and problem-solving abilities Deep knowledge of cybersecurity frameworks, principles, and technologies Proficiency in SIEM, endpoint protection, and identity management tool Must be able to travel up to 25% Preferred Qualifications: Have a good understanding of DISA compliance directives and recommend having knowledge of the JSIG. Ability to lead small teams or projects Excellent communication and influence skills; Strong judgment in identifying and mitigating security risks Correlate data from intrusion detection and prevention systems with data from other sources Clearance Requirements: Must have current/active TS/SCI with the ability to obtain and maintain a Yankee White security clearance Physical Requirements: Must be able to remain in a stationary position 50% The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc. Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer. The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.

We are seeking a Cybersecurity Engineer with strong, hands-on experience implementing Data Loss Prevention (DLP) solutions, specifically using Azure Purview and Microsoft Intune. This role requires a technical practitioner who has directly deployed, configured, and operationalized security controls-not just monitored events. The engineer will design and implement secure architectures across cloud and hybrid environments, conduct threat modeling, integrate security into new platforms, and ensure alignment with industry best practices and regulatory frameworks such as NIST 800-53, FISMA, and FedRAMP. The ideal candidate must have 10+ years of experience that brings advanced knowledge of cloud security, IAM, encryption, authentication protocols, and modern DevSecOps practices. Additional responsibilities include developing reusable security patterns, performing architecture reviews, enhancing automation, and partnering with IT teams to mature the organization's security posture. Strong communication skills, deep technical proficiency, and experience with Azure/AWS infrastructures are essential for success in this role. This is an onsite direct hire opportunity in Arlington, VA, no contract, no sponsorship. Relocation assistance provided within the US. LI #HP-1

We are currently seeking a Sr. Cyber Systems Engineer (Vulnerability Assessment) to become part of the Department of State (DOS) Diplomatic Security Cyber Mission (DSCM) program. requires 5-days per week on-site. Program Overview The DSCM program encompasses cyber security, data analytics, engineering, technical, managerial, operational, logistical and administrative support to aid and advise DOS Cyber & Technology Security (CTS) Directorate. This includes protecting a global cyber infrastructure comprising networks, systems, information, and mobile devices all while identifying and responding to cyber risks and threats. Those supporting the DSCM program strive to leverage their expert knowledge and propose creative solutions to real-world cybersecurity challenges. About the Role Support the Cyber Security Solutions team within the Emerging Technologies Division. Perform Federal cyber community outreach to further Directorate cybersecurity mandates. Provide guidance to systems owners for compliance with cyber configuration standards and policies. Provide emerging technology analysis and trend reporting to CTS designated recipients. Provide Cloud, wireless, Artificial Intelligence (AI), and mobile security expertise, device assessment, vulnerability analysis, and risk mitigation services. Provide knowledge of Cloud environments and application of Cyber Security baselines. Research and formulate open-source software innovations integration in support of network modernization efforts using industry best practices for cost efficiency solutions. Facilitate the adoption of cyber and technological security solutions (AI enabled). Coordinate Enterprise-wide Common Control Documentation and provide technical expertise as needed to Department partners on proper implementation of NIST Common Controls. Provide technical responses and recommendations to Cyber Policy Support Requests. Qualifications: Bachelor's degree and minimum of 9 years of relevant experience required; 7 years with a Master's, 4 years with a PhD. An additional 4 years will be considered in lieu of the degree requirement. Demonstrate excellence in developing Federal emerging technology cyber challenges with multi-disciplinary assessment of areas such as Cloud, Al, and secure communications. Possess or be able to obtain one or more of the following certifications by hire date: CCNA-Security, CND, CySA+, GICSP, GSEC, Security+ CE, SSCP. Demonstrated experience in one, more or all of the following areas: Minimum of 4 years' experience in administering, maintaining, installing cloud services such as AWS, Active Directory Federation Services (ADFS), Azure, across an enterprise network. Experience developing and managing virtualized IT systems across an enterprise network. Configuration and/or administering enterprise mobile device deployments. Experience with application of cyber security controls for Artificial Intelligence. U.S. citizenship required. An active Secret security clearance. The ability to obtain a final Top Secret security clearance. For any questions regarding this job announcement or the status of your application, please contact our Director of Recruiting, Mr. Brian Jennings, via email at ********************.

We are seeking a skilled Security Engineer with strong Networking and Compliance experience to join our team in Millennia. This position is required to reside in the vicinity of our Durham, NC Data Center. In this role, you will be crucial in maintaining the integrity and security of our network systems, ensuring privacy and security controls within processes, assets, and data flow within our healthcare-focused environment Responsibilities: · Maintain and manage all processes systems supporting Millennia's security posture. · Monitor, manage, and implement security infrastructure to support organizational needs · Monitor logs and alerts to identify incidents. Perform and or document Root Cause Analysis and remediation on Security Incidents. · Monitor network performance and troubleshoot issues and Security Incidents. · Plan, manage, and execute system upgrades and weekly patches to all endpoints. · Develop and enforce security policies to protect sensitive patient data. · Conduct regular system audits and vulnerability assessments. · Provide technical support for network-related issues to staff and clients. · Maintain documentation of network configurations and procedures. · Stay updated on industry trends and emerging technologies · Collaborate with IT teams to integrate new technologies into existing systems. · Provide hand-on support to our offices and data center. Qualifications: · Strong knowledge of network and security administration, controls, protocols, and best practices. · Experience with SOC2 or HITRUST, and HIPAA Security and Privacy Rule. · Proven experience as a Network Administrator or similar role. · Proficiency in configuring firewalls, routers, and switches, encryption protocols, and certificates. · Familiarity with cybersecurity principles and incident response strategies. · Excellent problem-solving skills and attention to detail. · Exceptional communication skills and ability to work independently and collaboratively in a team-oriented environment. · Experience with cloud computing platforms (AWS, Azure) is a plus. Relevant certifications (e.g., CCNA, CompTIA Security+) are preferred

Come Forge the Future of Machine Identity Security for Operational Technology & Industrial Control Systems Where: Tysons, VA (Hybrid) Supporting: Our CTO At Corsha we're not just selling software; we're fundamentally reshaping how the most critical industrial and operational technology (OT) systems are secured. We're a cyber startup in the DC area, driven by a mission to bring trust, resilience, and identity to the operational systems that power our world - from factories to power grids. We're building the future of machine identity security, and we need a dynamic technical evangelist to join our front lines. Tired of the Status Quo? Ready to Secure the Unseen? Here's your Opportunity: If you're an engineer who thrives on solving hard problems, isn't afraid to get your hands dirty with industrial control systems and sees the immense potential of cybersecurity in unconventional environments, then read on. We move fast, we build for impact, and we need a security visionary to help us secure the machines that matter most. Your Mission: Secure the Industrial Edge We're looking for an OT Security Engineer to be a foundational engineer for our Machine Identity Platform (mIDP), specifically tailored for the unique and challenging landscape of OT systems. Your mission: implement, integrate, and defend the security infrastructure that underpins our cutting-edge solutions, with a heavy emphasis on industrial control systems and OT networks. This isn't just about keeping the lights on. It's about building security architectures that are inherently secure, highly available, and resilient against the most sophisticated threats, often in environments where traditional IT paradigms simply don't apply. You'll be bridging the gap between cutting-edge cybersecurity technologies and the operational realities of factories, power plants, and critical infrastructure. What You'll Be Forging: Architect and Implement OT Security Solutions: Design, deploy, and manage secure architectures for our mIDP, specifically tailored for OT environments. This includes network segmentation, routing, switching, firewall configurations, and intrusion detection systems. ICS/OT System Integration: Be the subject matter expert for integrating our mIDP with industrial control systems. This involves understanding and working with common industrial protocols (Modbus, OPC UA) and architectures (e.g., Purdue Model). Machine Identity Integration: Collaborate closely with our product and engineering teams to integrate security configurations with our mIDP, ensuring seamless and secure authentication and authorization for OT devices and applications. OT Network Hardening: Implement and enforce robust security best practices, including vulnerability management and access control for OT networks. Troubleshooting and Optimization: Proactively monitor, troubleshoot, and resolve complex security issues across ICS and OT environments. Identify and implement optimizations to enhance system performance, reliability, and security. Automation and Tooling: Develop and implement automation scripts and tools (e.g., Python, Ansible) to streamline provisioning, configuration management, and operational tasks. Documentation and Knowledge Sharing: Create comprehensive documentation, runbooks, and contribute to internal knowledge sharing to ensure maintainability and scalability of our infrastructure. Stay Ahead of the Curve: Continuously research and evaluate new cybersecurity technologies, security trends, and best practices, particularly as they relate to OT and industrial control systems. Collaborate and Mentor: Work closely with cross-functional teams (software engineers, security analysts, product managers) and provide mentorship to junior team members. What You'll Bring: 5+ years of intense experience in OT security or a related role, with a proven track record in complex, high-performance, and high-stakes environments. Deep, demonstrable expertise in industrial control systems and OT environments. You've implemented security products and solutions in real-world ICS/OT environments. Strong proficiency in network security principles: Firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), network access control (NAC), and secure communication protocols. Extensive hands-on experience with OT network architectures and protocols. You're comfortable with physical hardware and understand the nuances of industrial networks. Rock solid understanding of cybersecurity principles: vulnerability management, threat modeling, and incident response. Empathy for OT/ICS environments: You totally get the unique security challenges of Operational Technology, and understand common industrial protocols (Modbus, OPC UA) and architectures (e.g., Purdue Model). This isn't just a "nice-to-have"; it's critical. Proficiency in scripting and automation: Python, Ansible, or similar languages for automating security provisioning and operations. A relentless problem-solver: You thrive on diagnosing and resolving intricate security issues under pressure, with an unwavering focus on root cause analysis. Exceptional communication and collaboration skills: You can articulate complex technical concepts clearly and work seamlessly with cross-functional teams. Bachelor's degree in Computer Science, Engineering, or a related technical field, or equivalent practical experience. Self-starter with an insatiable curiosity: You're eager to learn, adapt, and drive solutions in a rapidly evolving, high-impact startup environment. Bonus Points For: Experience with specific machine identity solutions (PKI, certificates, secrets management). Hands-on experience with Kubernetes Knowledge of software-defined networking (SDN) solutions. Relevant industry certifications (e.g., CISSP, GICSP, CISM). Experience in a fast-paced startup environment. Why Forge your Path with Corsha? Real-World Impact: Your work won't just sit on a server; it will actively defend the critical operational systems that underpin our society. This is an opportunity to make a tangible, immediate difference. Bleeding Edge: Be at the forefront of securing the intersection of cybersecurity, machine identity, and OT. We're defining the future, not just following trends. Growth & Ownership: This is a startup - your contributions will directly shape our product, our culture, and our success. You'll work with incredible people that care and have impact. Culture of Innovation: Join a team of brilliant, passionate engineers dedicated to solving the hardest problems. We foster a collaborative, intellectually stimulating, and supportive environment. Competitive Compensation & Benefits: Wellness days, Generous PTO, Company-covered healthcare, 401k matching, paid parental leave, and of course snacks, lunches, and sustenance. Ready to step up and secure the critical future of identity? Join Our Mission Today. Reach out to us with your resume and why you think you'd make a stellar Corshian to *****************. We are an Equal Opportunity Employer and reasonable accommodations may be made to enable individuals with disabilities.

The Cybersecurity Engineer is responsible for the technical implementation and management of cybersecurity measures. This role involves extensive hands-on work with security technologies, developing and maintaining security protocols, and ensuring the protection of sensitive data. The Cybersecurity Engineer collaborates within the various IT teams to integrate security solutions into business projects and solutions, while supporting overall compliance with HIPAA regulations. Technical Implementation: Architect, deploy, and maintain enterprise-grade security technologies, including firewalls, intrusion detection/prevention systems, encryption platforms, and vulnerability management tools. Implement and support security controls for network infrastructure such as routers, switches, and wireless access points. Configure, administer, and secure Active Directory and Azure AD environments. Deploy and oversee endpoint protection platforms and Security Information and Event Management (SIEM) solutions. Manage Microsoft 365 security capabilities, including conditional access, data loss prevention (DLP), and advanced threat protection. Evaluate, test, and recommend new security tools, processes, and technologies to strengthen the organization's security posture. Security Operations: Continuously monitor systems for security events, investigate alerts, and respond to incidents with appropriate documentation. Perform ongoing risk assessments and vulnerability scans to identify exposures and drive remediation efforts. Lead technical response efforts during security incidents or breaches in coordination with the incident response team. Administer and monitor Identity and Access Management (IAM) systems to ensure secure and appropriate access. Conduct routine vulnerability assessments and threat analysis to support continual improvement. Perform digital forensics and incident response activities as needed. Compliance: Ensure adherence to HIPAA and all applicable regulatory and security standards. Design and implement technical safeguards that protect sensitive information and support organizational objectives. Collaboration: Partner with IT and business teams to embed security controls into systems, applications, and workflows. Educate and support staff on cybersecurity awareness, best practices, and evolving threats. Documentation: Create and maintain accurate documentation for security configurations, procedures, and incident activity. Remain informed on current cybersecurity trends and recommend enhancements to existing controls. Security Audits: Plan and conduct scheduled and ad-hoc security audits to validate adherence to security policies and standards. Security Standards and Policies: Develop, review, and update security policies and standards in alignment with industry best practices and regulatory requirements. Security Infrastructure Maintenance and Monitoring: Configure, troubleshoot, and maintain security-related hardware and software. Implement and manage monitoring tools to detect intrusions and potential security breaches. Security Strategy Development: Support the planning, execution, and ongoing refinement of the organization's information security strategy. Adhere to organizational policies, procedures, and safety standards; complete required training annually; contribute to performance goals and quality improvement initiatives. Perform additional duties as assigned. Minimum Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related discipline required. Minimum Experience: Ten (10) years of overall IT experience, including at least five (5) years of hands-on cybersecurity leadership with demonstrated success designing, engineering, and deploying security solutions in an enterprise environment. Certifications: Relevant industry certifications such as CISSP, CISM, CISA, CCSP, CEH, Microsoft Azure Engineer, or equivalent are required.

Knoxville, TN | Cybersecurity Engineer | Full-time We are actively recruiting a Cybersecurity Engineer for our client in Knoxville, TN. This is a hybrid direct placement opportunity that will require some onsite work in Knoxville. The successful candidate will be responsible for the design, implementation, and ongoing management of advanced cybersecurity measures to protect sensitive data, systems, and networks. This role involves hands-on work with a wide range of security technologies, development and enforcement of security protocols, and proactive risk mitigation. The engineer collaborates with cross-functional IT teams to integrate security solutions into enterprise projects and ensure compliance with applicable regulatory requirements, including HIPAA. Must have a minimum of five years' experience in cybersecurity engineering, with a proven track record in designing and implementing security solutions within an enterprise environment. Due to client request, candidates must be eligible to work in the United States without sponsorship. Equal Opportunity Employer/Veterans/Disabled

Our client, a leader in their industry, has an excellent opportunity for a Senior Cybersecurity Engineer to join on a direct-hire basis in Cary, NC. This hybrid position requires on-site work three days per week (Tuesday - Thursday) and offers an excellent opportunity to gain experience in cloud security posture management. This is a full-time, permanent opportunity, offering a competitive salary and comprehensive benefits package including day-one medical/dental/vision, 401(k) with 100% match to 5%, annual RSUs and ESPP, life/disability coverage, PTO and paid parental leave, wellness benefits, childcare resources, education assistance, and a wide range of financial and lifestyle perks. Qualified applicants must be willing and able to work on a w2 basis Salary: $115,000 - $135,000 plus 10% bonus Responsibilities: • Design, implement, and manage enterprise-grade firewall solutions, including next-gen firewalls, to enforce network security policies. • Deploy security tools in cloud environments, such as CASB, WAFs, and native cloud security services. • Deploy SASE solutions integrating security capabilities for distributed networks. • Implement centralized identity and access management systems following least privilege principles. • Utilize Microsoft Security Suite tools for threat detection and response across environments. Requirements: • 5+ years of experience in network security engineering, with in-depth experience with Palo Alto • Hands-on experience with Zscaler • Cloud-first mindset-on-prem-only experience is a disqualifier. • Passion for Security and willingness to make suggestions and recommendations • Strong communication and collaboration skills with cross-functional teams. • Bachelor's degree or equivalent work experience required. Preferred Skills: • Azure Network and cloud security posture management experience. Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range. W2 employees of Eliassen Group who are regularly scheduled to work 30 or more hours per week are eligible for the following benefits: medical (choice of 3 plans), dental, vision, pre-tax accounts, other voluntary benefits including life and disability insurance, 401(k) with match, and sick time if required by law in the worked-in state/locality. Please be advised- If anyone reaches out to you about an open position connected with Eliassen Group, please confirm that they have an Eliassen.com email address and never provide personal or financial information to anyone who is not clearly associated with Eliassen Group. If you have any indication of fraudulent activity, please contact ********************. Job ID: JN-112025-104486

Data Intelligence LLC is seeking an experienced Senior Security Systems Engineer to support one of our premier Navy customers in Dahlgren, VA. This role provides advanced cybersecurity engineering and systems security support to U.S. Navy tactical and strategic weapons programs. The successful candidate will lead efforts related to Assessment & Authorization (A&A), Risk Management Framework (RMF) implementation, vulnerability management, and secure systems design for complex afloat and shore-based systems. This position is fully on-site in Dahlgren, VA. This position is contingent upon winning contract award. Key Responsibilities Lead cybersecurity engineering and systems security integration for U.S. Navy programs, with specific focus on tactical combat and Submarine-Launched Ballistic Missile (SLBM) systems. Perform system security engineering in accordance with DoD, DON, and NIST cybersecurity policies, standards, and best practices. Execute the full lifecycle of the Systems Engineering Technical Review (SETR) process, including design, review, and validation activities. Conduct and support Assessment and Authorization (A&A) activities under RMF, ensuring systems achieve and maintain Authorization to Operate (ATO). Manage vulnerability analysis and remediation for critical Navy systems and applications. Develop and maintain System Security Plans (SSPs), Cybersecurity Strategy and Evaluation (CSSE) documentation, and related artifacts. Design and evaluate secure network architectures and system boundaries, incorporating cybersecurity technologies such as: Firewalls, Intrusion Detection/Prevention Systems (IDS/IPS) Routers, Switches, and Cross-Domain Solutions (CDS) Host-Based Security Systems (HBSS) Provide cybersecurity guidance for Platform IT (PIT) systems, supporting both land-based and afloat/tactical environments. Contribute to cybersecurity test planning, Model-Based Systems Engineering (MBSE) integration, and secure software/hardware development. Collaborate with multidisciplinary engineering teams and Navy program offices to ensure compliance with DoD cyber and safety standards. Deliver concise technical presentations and reports to senior leadership and stakeholders. Required Skills/Experience SLBM Programs: Minimum 7 years of direct experience with Submarine-Launched Ballistic Missile (SLBM) systems; OR Other Navy Programs: At least 5 years of program-specific security engineering experience with Navy afloat/tactical combat systems (e.g., Aegis, SSDS, Zumwalt); OR General Experience: 10+ years of general security engineering experience supporting DoD systems. Minimum 5 years of engineering experience on Aegis, SSDS, Zumwalt, or other Navy tactical combat systems (for at least six senior positions on this contract). Demonstrated experience in: Cybersecurity engineering and risk management DoD/Navy Assessment & Authorization (A&A) Vulnerability management across complex networked systems Proven understanding of DoD Cybersecurity policies, RMF, and Platform IT (PIT) implementation. Experience with the SSP Validator Handbook (for SLBM programs). Familiarity with combat weapons systems and afloat/tactical environments. Hands-on experience designing and assessing secure network architectures, cyber boundaries, and defense-in-depth strategies. Experience with cyber testing, test analysis, and secure computing system development. Strong written and verbal communication skills with the ability to brief senior leadership. Certifications (Required) IAT II, IAM II, or higher (e.g., Security+, CASP+, CISSP, or equivalent) NQV certification (desired, if applicable) Security Clearance Active Top Secret Clearance required; eligibility for higher-level access may be necessary based on program needs. Data Intelligence, DI is an established small business that has supported the critical missions of our government clients since 2005. We provide full life cycle system development, systems engineering, cybersecurity, and supporting analytical and logistics support to C4ISR and other complex systems. We are an equal opportunity employer that offers competitive salaries, comprehensive benefits, a team-oriented environment, and opportunities for advancement. Our excellent employee retention record reflects our employee focus. We work with Veteran's organization to proactively hire those who have served our country. We offer medical, dental and vision insurance, 401k, PTO and 11 paid holidays. Data Intelligence is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.

ABOUT THE ROLE Individual is able to work without assistance; provides leadership for others; able to manage highly complex work efforts; may have advanced education; has extensive industry experience. The IT Security Analyst monitors and advises on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended. Coordinates and executes IT security related projects for the agency. Coordinates response to information security incidents. Develops and publishes Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance with Commonwealth IT Security policies, standards, and guidelines. Conducts campus-wide data classification assessment and security audits and manages remediation plans. Collaborates with IT management, Internal Audit, and VITA to manage security vulnerabilities. Creates, manages and maintains user security awareness. Conducts security research and keeps abreast of latest security issues. Prepares IT security documentation, including department policies and procedures, agency notifications, Web content, and alerts.

Through NRI (formally Core BTS) Resource Management Services (RMS), we offer custom talent solutions to help our clients meet their evolving technology and business needs. We help effectively match the right technology professional to their organization, recruiting for contract, contract-to-hire, and direct roles. Our client within the financial industry is in need of a Network Security Engineer to join their team. Qualified candidates MUST be US Citizens with the ability to obtain a US Government issued security clearance. Overview The Network Security Engineer is primarily responsible for configuring, deploying and maintaining secure network infrastructures to protect organizational data and resources from internal and external threats. This role involves monitoring networks for security vulnerabilities, investigating incidents, and deploying security solutions to mitigate attacks. This role also includes ensuring the high availability of networking security infrastructure and developing processes and procedures for ongoing management of the network environment. The ideal candidate possesses a strong technical background, analytical skills, and a proactive approach to network defense. Responsibilities Design, configure, and manage secure network architectures, including firewalls, VPNs, IDS/IPS, and other security appliances Maintain Next Generation firewalls and monitor/manage consoles or systems Manage all firewalls at our client, including firewall rules to ensure alignment with IT Security Policies Interact and negotiate with vendors, outsourcers, and contractors to secure network products and services Support the deployment of workstations, network devices, servers, printers, scanners, firewalls, encryption systems, and all host security systems Monitor network traffic and system logs to identify suspicious activities and potential threats Respond to and investigate security incidents, performing root cause analysis and implementing corrective actions Enforce network security policies, procedures, and best practices Manage and update network access controls, including user authentication and authorization mechanisms Collaborate with IT teams to ensure secure integration of new technologies and systems Maintain up-to-date knowledge of the latest cybersecurity trends, threats, and technologies Create and/or maintain network design diagrams and documentation Create and/or maintain network service monitoring, alerting, and responding to incidents Coach and guide team members with less experience Maintain excellent communication with internal and external parties Participate in rotational “on‐call” schedules Remain cognizant of and adheres to our client's policies, procedures, and regulations pertaining to the Bank Secrecy Act (BSA) Qualifications Required Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience) Minimum 5 years proven experience in configuring and administering on-premises and cloud based Next Generation Firewalls (NGFW) and IDS/IPS systems such as; Cisco Firepower, Fortinet FortiGate, and Microsoft Azure Minimum 5 years proven experience in network security engineering or a related IT security role Strong understanding of networking protocols, network routing, operating systems, and security technologies (e.g., firewalls, proxies, SIEM, IDS/IPS) Understanding of network security applications and systems such as e-mail gateway, web gateway, firewalls, and proxies The ability to assist in authoring and reviewing security policy, standards, and procedures Excellent problem-solving, analytical, and communication skills Ability to work independently and collaboratively in a fast-paced, dynamic environment Strong attention to detail and commitment to maintaining confidentiality and integrity of sensitive information Effective oral and written communication skills Ability to interact effectively with all levels of the organization and/or with vendors Ability to obtain and maintain a secret level security clearance A standard 8-hour shift between the core hours of 7:00 AM and 5:00 PM is required to support our client's operations Occasional after-hours or on-call work may be required to respond to security incidents or perform system upgrades. Ability to work effectively on-site in our Herndon, VA headquarters and equally effectively remotely Network Security Engineers typically work in hybrid work environment consisting of three days on site at our client's Corporate Headquarters in Herndon, VA, and 2 days remote. Hybrid work is at management discretion and typically granted after an initial onboarding period Preferred Professional certifications such as CCNA, CISM, CCNP Security, or similar

WorkForce Unlimited is searching for a proactive Security Analyst to analyze vulnerabilities, optimize security tools, and help our client stay ahead of emerging threats. The Security Analyst is responsible for independently managing third-party vulnerability data sources, executing scans using proprietary tools, and collaborating with IT teams to prioritize mitigation efforts. The role involves leveraging vulnerability management tools to generate metrics and reports that track progress and effectiveness. Additionally, the Security Analyst may contribute to reviewing project scopes to recommend security benchmarks, optimizing security tool alerts and policies, and integrating logs and large data sets into existing systems. Role Responsibilities Analyze vulnerabilities from various sources and input them into the vulnerability management tool using approved methods to ensure a complete overview of exposures. Evaluate existing vulnerabilities to identify problem areas or opportunities for mass-mitigation. Communicate with cross-functional teams to explain risks, opportunities, or required actions. Escalate vulnerabilities that exceed defined time-to-resolve thresholds. Configure vulnerability scanning tools and manage ongoing scan schedules. Collect and maintain departmental metrics and KPIs. Identify opportunities to apply AI technologies to improve vulnerability management processes. Technical Qualifications Strong familiarity and prior experience with: HTTP, PKI, digital signatures/encryption, SMTP, DNS, CWEs, CVEs, and related security frameworks. Vulnerability and security scanning tools such as Nessus, NMAP, ZAP, BurpSuite, Invicti, Nuclei, or similar. Web application scanning and web application firewalls (WAFs). Containers and associated security considerations. CIS Benchmarks, STIGs, or other security hardening standards. Additional desirable skills or experience: Authentication and identity protocols: SAML, Kerberos, OAuth, OIDC, LDAP. Scripting and automation using PowerShell and Python. CI/CD tools such as Jenkins. Splunk data onboarding (indexes, sourcetypes, data models, forwarders, apps, HECs). Log ingestion and transport technologies: Azure Event Hubs, Kafka, syslog. EDR/XDR tools such as Microsoft Sentinel, Microsoft Defender, CrowdStrike, or similar. General Qualifications Ability to conduct independent research, analyze data, and produce clear plans of action. Strong systematic thinking and troubleshooting skills. Ability to create clear and detailed documentation of designs and processes for diverse technical audiences. Excellent communication skills, including the ability to clearly articulate requirements, priorities, and project status. Education Requirements Bachelor's Degree in Information Technology or a related field is preferred but not mandatory.

Jr. Security Analyst Our client is currently looking for a Jr. Security Analyst to join their team in a long term contract capacity focusing on an increase in compliance and audit work heading into the new year. This person will be brought on to support an established information security and compliance team. This role is ideal for someone looking to grow in TPA (Third Party Assessment), audit support, compliance operations, NIST frameworks, and GRC practices. Below is a breakdown of what our enterprise client is looking for in their potential candidate! Key Responsibilities Support Third Party Assessments (TPAs) by gathering evidence, tracking documentation, and helping review vendor security controls. Participate in internal and external audit readiness tasks including evidence collection, control testing preparation, remediation tracking, and audit log review coordination. Assist with vulnerability scan reporting, ticket creation, and follow-up with technical teams on remediation tasks. Support intake, documentation, and status tracking of new compliance and security projects. Help maintain dashboards, risk registers, and compliance reporting metrics within the GRC tool. Participate in annual assessment activities including contingency plan exercises, incident response tests, access reviews, and other required security program tasks. Assist with audit log reviews and routine monitoring processes as assigned. Maintain structured, accurate documentation to support continuous compliance efforts. Minimum Qualifications 1-3 years of experience in security, IT, audit, or compliance support roles (internships or rotational experience accepted). Foundational knowledge of NIST frameworks, FISMA requirements, or other security compliance standards (HIPAA, SOC 2, ISO 27001 a plus). Experience with GRC platforms (ServiceNow, Archer, OneTrust, ZenGRC, etc.) OR strong interest in learning. Strong attention to detail with the ability to create, edit, and maintain structured documentation. Proficiency with Microsoft Office and basic workflow tracking tools (Excel, SharePoint, Confluence, Smartsheet, etc.). Familiarity with basic cybersecurity terminology and frameworks (e.g., CIS Controls). Experience supporting compliance evidence collection or policy documentation. Interest in security governance, risk, and compliance as a long-term career path.

Hybrid - remote allowed, but should live in driving proximity to Springfield, VA Travel: up to 25 percent mostly to Chicago and Atlanta** Direct Hire with Benefits In this role you will guide the security direction for a hybrid environment that spans on premises systems and cloud platforms including Microsoft Dynamics Microsoft 365 Azure directory and the Microsoft security ecosystem. You will also work hands on with firewalls support multi-site network uptime document standards train users and collaborate closely with software and security vendors. This position requires someone who enjoys being the subject matter expert who can see the big picture while also building and improving day to day systems. What you will do Lead security operations including assessment mitigation and incident response Support and maintain the network across multiple facilities with a focus on reliability and resilience Plan and implement architecture improvements for both on premises and cloud based environments Work with business and software vendors to evaluate tools resolve issues and drive enhancements Develop and maintain documentation playbooks and standards for network and security operations Provide user training on security best practices and new technologies Drive continuous improvement by exploring and recommending modern solutions What we are looking for Five or more years of hands on experience in security engineering or network security Experience supporting hybrid environments on premises and cloud Strong familiarity with Microsoft based ecosystems including Dynamics M365 Azure directory Sentinel Defender P2 and E5 Background working with firewalls pfsense or similar Ability to design troubleshoot and document network architectures Experience responding to security events and closing security gaps Comfort interacting with external vendors and internal teams Clear communication skills solid documentation habits and a growth mindset Candidates must be based in Virginia and open to regional travel up to 25 percent If you enjoy being the trusted expert for both networking and security and want the freedom to influence modern solutions this role offers the autonomy and impact you are looking for.

In this contingent resource assignment, candidate may: Participate in low to moderately complex initiatives and identify opportunity for process improvements within Information Security Analysis. Review and analyze basic or tactical Information Security Analysis assignments or challenges that require research, evaluation, and selection of alternatives, related to low-to-medium risk deliverables. Present recommendations for resolving low to moderately complex situations and exercise some independent judgment while developing understanding of function, policies, procedures, and compliance requirements. Provide information to client personnel in Information Security Analysis. Required Qualifications: 2 plus years of Information Security Analysis experience, or equivalent demonstrated through one or a combination of the following: work or consulting experience, training, military experience, education. Desired Qualifications: Hands-on experience with IAM Tools (SailPoint, Okta, CyberArk, Ping, Microsoft Entra ID) Experience with authentication standards (LDAP, SAML, OAuth, Open ID, SCIM). Experience with security compliance frameworks (ISO, NIST, SOX, PCI) Ability to interact with various layers of leadership Ability to prioritize work, meet deadlines, and achieve deliverables Strong organizational, multi-tasking, and prioritizing skills Customer service focus with the ability to respond to requests in a timely manner Intermediate Microsoft Office (Word, Excel, Outlook, PowerPoint, Access, and Project) skills Pay Range: $40- $45 The specific compensation for this position will be determined by a number of factors, including the scope, complexity and location of the role as well as the cost of labor in the market; the skills, education, training, credentials and experience of the candidate; and other conditions of employment. Our full-time consultants have access to benefits including medical, dental, vision and 401K contributions as well as any other PTO, sick leave, and other benefits mandated by appliable state or localities where you reside or work.

Client is seeking a Network Engineer to help design, implement, and support secure, reliable network services across our on-premises and cloud environments. In this role you will work with infrastructure, security, and application teams to deliver network changes, maintain network health, and troubleshoot issues affecting performance and availability. You will contribute to standards, documentation, and continuous improvement while ensuring solutions align with business and security requirements. Key Responsibilities Network Operations & Support Monitor network performance and availability; respond to incidents and service requests in line with SLAs. Troubleshoot and resolve LAN/WAN/Wi-Fi connectivity issues, routing/switching faults, and VPN problems. Perform routine maintenance, patching, and upgrades of network devices and services. Maintain accurate documentation including diagrams, configurations, runbooks, and change records. Work with vendors and service providers to diagnose and remediate circuit or hardware issues. Implementation & Change Delivery Implement network changes (adds/moves/changes, VLANs, ACLs, NAT, VPNs) following change control and security standards. Assist with network design and build activities for office sites, data center connectivity, wireless, and hybrid cloud. Configure and support common routing and switching technologies (e.g., OSPF/BGP, STP, QoS, port security). Support integration of network infrastructure with servers, storage, virtualization platforms, and cloud services. Participate in project delivery by estimating effort, contributing to technical designs, and validating implementations. Security & Compliance Apply security controls such as segmentation, least-privilege access (ACLs), VPN encryption, and secure management access. Assist with firewall rule requests and network access changes in partnership with security teams. Support vulnerability remediation activities and help ensure network configurations meet internal standards and audit requirements. Contribute to continuous improvement by identifying recurring issues and recommending practical fixes. Skills & Knowledge Hands-on experience with routing and switching fundamentals: IPv4/IPv6, VLANs, STP, OSPF and/or BGP, NAT, QoS. Experience supporting network services such as DNS, DHCP, and IP address management (IPAM). Working knowledge of network security concepts: segmentation, VPNs, firewalling basics, and secure administration. Familiarity with wireless networking (802.11), authentication, and troubleshooting. Experience with monitoring and troubleshooting tools (e.g., logs, packet captures, SNMP/telemetry dashboards). Comfort working in ITSM processes (incident/problem/change) and documenting solutions. Scripting/automation exposure (e.g., PowerShell, Python, APIs) is a plus. Qualifications Bachelor's degree in Information Technology, Computer Science, or equivalent practical experience. 3-5 + years of hands-on experience supporting and implementing network infrastructure in an enterprise environment. Experience configuring and supporting routers, switches, and firewalls in production. Ability to communicate clearly with technical and non-technical stakeholders and work effectively across teams. Strong problem-solving skills, attention to detail, and a customer-service mindset. Nice to Have Exposure to cloud networking (e.g., Azure/AWS networking constructs, VPN/ExpressRoute/Direct Connect). Experience with network access control (NAC) and enterprise Wi-Fi platforms. Familiarity with SD-WAN technologies and/or SASE concepts. Relevant certifications (e.g., CCNA, Network+, vendor firewall certifications).

Must Have Technical/Functional Skills: • Tier 3 (L3) IT Infrastructure engineers comprise a technical team that deals with technical problems. Troubleshooting, configuration, database administration, and repair for server, network, infrastructure, Data Center, email, file shares, and other infrastructure issues. Besides always having the ability to deploy solutions to new problems, Level 3 tech usually has the most expertise in a company and is the go-to person for solving difficult issues • With years of experience, the L3 experts can manage and resolve almost any problem that requires high expertise. They can also control the infrastructure, cloud, network, and DC level operations. All the high-end administration tasks are secure in their hands, and it is advisable to have at least an L3 level technician as a team leader in every operation. These engineers use requirements and aim to replicate problems to detect the root cause. They have access to the highest technological support for fixing issues or developing new features. Their team mainly consists of chief engineers who designed the product or service • Responsible for providing support to customers by researching, diagnosing, troubleshooting issues, and resolving incidents that cannot be resolved by Tier 1 (L1) and providing support for software and hardware technical problems. This role is customer-facing and requires excellent verbal and written communication skills as well as the ability to work under pressure when customers are experiencing critical incidents. Handles the tickets routed by L1 support or can they produce tickets for any issue they observe • Plays a key role as the front-line interface between our customer and the Product & Engineering team and operates as a second level of support after basic user-level Remote Support (L1). Their primary responsibility is to provide customer support by resolving technical support incidents or service requests in accordance with applicable service level agreements Roles & Responsibilities Network (LAN, WAN and Wireless) • Troubleshooting & admin of Cisco Layer 2 & Layer 3 Routing, Cisco Wireless Networks, Cisco PBX Administration, Cisco standard protocols and Cisco CCNA certification • Ability to support IT Cabling, Infrastructure Planning, and Design. Examples of scope work (cable patching, switch config/deploy, port enable/disable, analyze network traffic) • TCP/IP, DHCP, Subnetting, VLAN, POE • Experience with packet capturing example: Wire Shark • Network maintenance, support and refresh • Smart Hands for remote teams & 3rd party vendor management for issue escalation/resolution Data Center (Server Room) Management • Site infrastructure knowledge (Power/UPS, HVAC, cabling, etc.) • Experience installing and troubleshooting server room hardware components, such as Rack Servers, Fiber, switches, disk drives, memory, etc. • Smart Hands for remote teams & 3rd party vendor management for issue escalation/resolution Server Management • Must have experience in administering windows server operating systems e.g. Windows Server 2016, monitoring, troubleshooting, parts swaps/repair • DHCP, DNS, Print Server, File Shares, Microsoft SCCM • Smart Hands for remote teams & 3rd party vendor management for issue escalation/resolution • Working knowledge/experience supporting Hardware for servers, data backup libraries and SAN/NAS • Server, storage and backup systems maintenance, support and refresh: Rackmount, install and configure server hardware • Knowledge of Server 2012/2016 Policy and Security Management Critical plant floor hardware support • Examples of work include items like MFG support (GALC, AER creation, PTCS, etc.) • ANDON and PLC (Programmable Logical Controls) support knowledge • First level of support Business and Plant Floor applications, managing escalation of issues to the Subject Matter Experts (SME's) • Excellent troubleshooting (critical thinking), problem solving & root cause analysis skills for Outage & Problem Management • Exceptional customer service and ability to work well under pressure e.g. plant down situation, outages, critical plant floor equipment require a 15-minute turnaround time • On-call 24x7 availability during non-work hours and ability to work flexible hours and overtime Others Must Have Attributes for Level 3 • Ability to lift 50 lbs. and be able to climb ladders and staircases to access IT equipment • Ready to travel to other Toyota sites/locations within the US to support on a short basis. • Strong team worker with professional demeanor and strong ethics • Good written and oral communication skills are required • Experience with remote control tools and remote support (off-site) • Ongoing support of various Manufacturing computer systems • Windows Active Directory: Maintenance kiosks, OU configuration, Group Policy Objects • Change Management process • Associate or bachelor's degree in computer information systems, Computer Science or related field • TMMBC English 50%-100% Competence Nice To Have • Experience and/or knowledge of PLC's a plus. • Plant Monitoring software knowledge (Active Plant, Wonderware, Ignition) • Knowledge of iGear, Kepware, or other machine data gathering tools • SQL Server database administration (backu ps, security, monitoring, etc.) • Manage storage and backup systems • Previous experience supporting a large corporate, manufacturing environment • Experience supporting and troubleshooting Business and Mission Critical applications • 3 to 5 years of experience performing Level 3 responsibilities • Knowledge of Cisco Voice over IP hardware/software/server operation/configuration • Provide technical assistance and support, and resolve problems related to the use of computer hardware and software Analyze, resolve, respond to, and document end user inquiries. • Install desktop/Laptop, printers/scanners, and other peripheral software using approved tools. • Troubleshoot Operating System issue. Connection issues with LAN/WAN. • Update tickets with accurate and timely records of work performed, and resolution details • Maintain and contribute to a knowledge base. • Coordinate hardware warranty repair. • Perform inventory management activities as required in coordination with asset management and other corporate groups. • Escalate to 3rd party vendors when necessary • Responsible for raising and coordinating problem management issues • Perform additional tasks (end user/infra related) when required Strong understanding and skills in SLA, KPI Management. • Provide technical support stationed at the site who can quickly respond to problems that may arise within data center/computer/server rooms which need physical handling. • In contrast to certified technicians, they are not necessarily trained nor duly recognized to specialize in specific technology. • Can handle all tasks related to the infrastructure equipment based on instructions provided by a remote technical assistance team that specializes in different products and categories. • Receives instructions from certified technicians and project managers to troubleshoot advanced issues. • Provide on-site, operational support service for remote management, installation and troubleshooting of data center equipment. • Primary responsibility to manage End User related incidents and requests. • Go to person for all plant IT related requests (Password resets, access etc. specific to plants). Base Salary Range: $70,000 - $80,000 per annum TCS Employee Benefits Summary: Discretionary Annual Incentive. Comprehensive Medical Coverage: Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans. Family Support: Maternal & Parental Leaves. Insurance Options: Auto & Home Insurance, Identity Theft Protection. Convenience & Professional Growth: Commuter Benefits & Certification & Training Reimbursement. Time Off: Vacation, Time Off, Sick Leave & Holidays. Legal & Financial Assistance: Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing.

What this Job Entails: The Network Deployment Engineer II will design, develop, build and test systems and products based on optic, photonic and laser technologies. The position will interact with device, hardware and software design teams to assist in overall development of optical systems. The position will be responsible for specifying, selecting and qualifying active and passive optical components. The role will also assist with developing and benchmarking system performance models, developing and assisting with implementing test procedures and/or evaluating and selecting appropriate test instrumentation. Scope: Applies company policies and procedures to resolve a variety of issues Works on problems of moderate scope Receives general instructions on routine work and detailed instructions on new projects Your Roles and Responsibilities: Deploy, configure, and support a large-scale production and corporate network and server infrastructure in data centers and Point of Presence (POP) sites throughout the assigned region Calculate and document equipment power requirements and work with Engineering, Facilities Operations, and/or collocation vendors to meet these requirements Participate in project timelines to support network turn-up within expected completion intervals Responsible for asset management of networking gear in datacenter and POP sites Proactively contribute to documentation, automation and processes as they evolve Create network and server rack face elevations, floor plans, wiring diagrams, and detailed port maps for new deployments and documentation Create statements of work for vendors at the POP sites Prepare cage and rack designs, and understand the overall needs of POP infrastructure Document and follow RMA processes and procedures for all relevant vendors Follow, improve, and implement data center and POP best practices Provide necessary escalations to higher support tier; assist Sales and Customer Support with technical operations, and work with internal departments to ensure customer satisfaction Work closely with Network Engineering, Logistics, and equipment vendors as new equipment and technologies are integrated into the production network Use internal tools and scripts to configure, monitor, and repair servers and network equipment Detect and diagnose various error/failure conditions across an array of server types Other duties as required. This list is not meant to be a comprehensive inventory of all responsibilities assigned to this position Required Qualifications/Skills: Bachelor's degree (B.S/B.A) from four-college or university and 2 to 5 years' related experience and/or training; or equivalent combination of education and experience Builds productive internal and external working relationships Exercises judgment within defined procedures and practices to determine appropriate action Must have an understanding of data center network architecture and common issues related to data center networks Knowledgeable in data center practices (i.e. cable routing, calculating power usage and cooling) Experience with field-based work in POPs, carrier hotels, or central office environments Experience with enterprise and service provider network hardware platforms and architectures, including data center switching platforms Must have a sound and in-depth understanding of IP technologies such as MPLS, BGP, RSVP-TE, IS-IS Basic understanding of transmission technology and circuit troubleshooting techniques Solid understanding of fiber-optic technology including cable types, connector types, optic types, patch panels, and optical transport technologies Proficiency in various operating systems Ability to capture and analyze traffic Solid understanding of queue management for tasks and incidents, vendor engagement, and escalation and participation in ongoing POPs deployment projects Demonstrated ability to analyze complex situations and utilize troubleshooting skills, systems and tools, and creative problem solving abilities under pressure Excellent communication skills Experience in dealing with service providers and colocation facilities around the world Ability to work within a global team in a fast-paced and dynamic environment with limited supervision Strong attention to detail with excellent time management and organization skills 20% to 50% of travel required Preferred Qualifications: Understanding of various scripting languages is strongly desired Certification such as CCNA, JNCIA, RHCT, or equivalent experience Physical Demand & Work Environment: Must have the ability to lift/move 30-40 lbs. Must have the ability to perform office-related tasks which may include prolonged sitting or standing Must have the ability to move from place to place within an office environment Must be able to use a computer Must have the ability to communicate effectively Some positions may require occasional repetitive motion or movements of the wrists, hands, and/or fingers

Harmonia Holdings Group, LLC is an award-winning, rapidly growing federal government contractor committed to providing innovative, high-performing solutions to our government clients and focused on fostering a workplace that encourages growth, initiative, creativity, and employee satisfaction. SME Network Engineer Location: Lorton, VA (22079) Citizenship: U.S. Citizen (required for access to DHS IT systems) Clearance: Must be able to obtain and maintain DHS/ICE Fitness Determination (Public Trust), including a favorable preliminary Fitness and full NBIS eAPP investigation (SF-85P, OF-306, SSA-89, fingerprints, PREA questionnaire if required) Schedule: Full-time; business hours (7:00-5:30, M-F) with required 24/7 on-call availability Hybrid Work: Lorton, VA roles may telework up to 2 days per week; 3 days onsite required (subject to mission needs) Travel: Occasional CONUS travel; local travel within 50 miles is not reimbursable Role Overview Harmonia Holdings Group is seeking an experienced SME Network Engineer to support DHS ICE Homeland Security Investigations (HSI) Title III and Linguists Unit (T3LU) under the CALEA program. This role provides hands-on leadership across all network engineering functions, including architecture, routing, switching, firewall engineering, VPN and PKI integration, segmentation design, troubleshooting, and IA/accreditation-grade documentation. The SME ensures the integrity, resilience, and performance of mission-critical CALEA networks and collaborates closely with Systems, Virtualization, Storage, and Field Engineering teams to ensure end-to-end operational success. This position supports DHS's mission while contributing to Harmonia's overarching goals: delivering premier technology services, driving mission-focused innovation, sustaining organizational excellence, and being an employer of choice for skilled professionals. Responsibilities Network Architecture & Design Design, document, and maintain CALEA network architecture, including: Layer 2/Layer 3 topology IP address schema and subnetting VLAN/VRF segmentation Routing design (OSPF, BGP, EIGRP, static routing) Firewall zoning, NAT policies, and security segmentation VPN tunnels, encrypted transport paths, and PKI integrations COOP/DR network routing and failover paths Produce and maintain authoritative network diagrams, data flows, trust boundaries, and configuration baselines. Evaluate, recommend, and implement enhancements to improve security, availability, and performance. Network Operations & Troubleshooting Serve as the primary network engineer for diagnosing, resolving, and preventing outages across the CALEA enterprise. Perform packet-level analysis (Wireshark/tcpdump), flow analysis, and log correlation to identify and remediate issues. Lead network upgrades, configuration changes, ACL/policy adjustments, and planned maintenance. Monitor network performance and availability; tune routing, firewall, and VPN parameters as needed. Firewall, Security & Accreditation Support Engineer and maintain firewall policies and segmentation (Palo Alto preferred; Fortinet/Cisco ASA experience acceptable). Support security hardening, vulnerability remediation, and IA/ATO documentation requirements. Produce accreditation-ready artifacts, including boundary diagrams, data-flow representations, rule documentation, and enclave segmentation maps. Collaborate with ISSO and security teams to address findings and strengthen compliance posture. Interoperability & Cross-Domain Integration Document and support network dependencies across Active Directory, DNS/DHCP, VMware/vSphere, SAN/iSCSI/NFS storage, and application tiers. Validate end-to-end system functionality after network changes. Partner with Systems, Virtualization, Storage, and Field SMEs to maintain seamless operations across CALEA sites. COOP/DR & Lab Engineering Contribute to COOP/DR planning, design, and testing to ensure high availability and rapid failover capabilities. Support lab environment setup for replication, patch validation, and network simulation. Documentation & Mission Coordination Maintain technical documentation, diagrams, IP plans, SOPs, and configuration repositories. Coordinate with Harmonia and ICE technical leads to resolve issues, support field operations, and sustain mission readiness. Required Qualifications Bachelor's degree in IT, Engineering, or related field OR +5 years equivalent experience. 10+ years of enterprise network engineering experience with increasing responsibility. Technical Proficiency Deep hands-on experience with: Cisco routing/switching (3k-9k platforms) Palo Alto or Fortinet firewalls and policy design VPN architecture, IPsec tunneling, PKI integration Network segmentation using VLANs, VRFs, and security zones Packet capture and analysis Network monitoring and telemetry tools (SolarWinds, NetFlow, Splunk, etc.) Demonstrated ability to produce complete network diagrams and architecture documentation based solely on device configuration, logs, and analysis. Strong understanding of cross-domain interactions (DNS, AD, VMware networking, SAN connectivity). Preferred Certifications CCNA, CCNP Enterprise, or CCNP Security PCNSE Fortinet NSE4/NSE5 CCIE-level competency (or equivalent expertise) Additional certifications may be required after hire and must be obtained within designated timelines. Professional Competencies Excellent communication skills with both technical and non-technical stakeholders. Proven ability to work independently in high-pressure, mission-critical environments. Strong analytical, investigative, and documentation skills. Preferred Experience Experience supporting federal law enforcement IT systems or CALEA-aligned mission operations. Hands-on participation in COOP/DR architecture or failover site execution. Experience with VPN transitions, network segmentation, and multi-site resiliency. Familiarity with Kubernetes/container environments (e.g., JSI platforms). Experience supporting 24/7 high-availability operations. Soft Skills Strong initiative and attention to detail. Adaptability to evolving mission requirements and operational tempo. Collaborative approach with technical teams, vendors, and government partners. Alignment with Harmonia's principles of excellence, collaboration, curiosity, and integrity. Physical Demands / Work Environment Must regularly lift/move up to 50 lbs.; occasionally up to 80 lbs. using a hand truck or lift cart. Requires standing, kneeling, crouching, and navigating server-room environments. Normal vision and hearing required; moderate server-room noise.