Senior Network SME - Zero Trust

Job Title: Senior Network SME

Location: Reston, VA (Hybrid 3x/week)

Salary: DOE full benefits

Clearance: Public Trust

Job Overview

We are seeking an experienced Senior Network Engineer with specialized expertise in Zero Trust technology and a successful track record supporting federal government initiatives. This role will play a critical part in designing, implementing, and maintaining secure network infrastructures aligned with Zero Trust principles within government environments.

Job Responsibilities

• Lead the design and implementation of Zero Trust network architectures, including network segmentation, secure access controls, and micro-segmentation, ensuring robust security across federal government networks.Responsibility to support network roadmap documentation and gap closure tasks.
• Architect and manage IAM solutions, including centralized authentication, role-based access controls (RBAC), multi-factor authentication (MFA), and privileged access management (PAM) within government systems.
• Develop and implement network segmentation strategies to partition networks into secure zones, restricting lateral movement and minimizing attack surfaces while adhering to Zero Trust principles.
• Manage and configure security infrastructure components such as firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and secure gateways aligned with Zero Trust architectures.
• Implement encryption methodologies, data protection measures, and cryptographic protocols to safeguard sensitive data in transit, at rest, and during processing within government networks.
• Ensure network infrastructure and configurations comply with federal cybersecurity standards, policies, and frameworks like NIST, FISMA, and other relevant mandates.
• Provide support for incident response efforts, conduct root cause analysis, and troubleshoot network security issues, ensuring rapid resolution and minimal disruption to government operations.

Required Skills/Qualifications

• Minimum of 12 years of hands-on experience as a Senior Network Engineer, specifically within federal government environments, focusing on Zero Trust technology.
• Deep knowledge and practical experience in network security principles, secure architecture design, access controls, and intrusion detection methodologies within government networks.
• Proficiency in implementing Zero Trust principles, network segmentation, identity and access management, encryption, and secure access controls within complex government environments.Direct experience with microsegmentation and Zero Trust networking strategies.
• Expertise in implementing centralized authentication mechanisms, such as Active Directory, LDAP, or similar systems, integrated with Zero Trust principles for robust identity management.
• Profound understanding and practical experience in designing RBAC models aligned with Zero Trust architectures, ensuring access privileges based on roles and responsibilities within government networks.
• Knowledge of implementing MFA solutions, biometric authentication, smart cards, or token-based authentication methods to strengthen access controls within government systems.
• Expertise in SDN principles and technologies to enable dynamic network segmentation, policy enforcement, and flexible network provisioning aligned with Zero Trust concepts.
• Strong understanding of federal cybersecurity regulations, policies, and frameworks such as NIST, FISMA, and other relevant standards applicable to government networks.
• Proficiency in network protocols, firewall configurations, VPN technologies, encryption standards, and security tools prevalent in federal government settings.
• Advanced knowledge of VPN technologies, including site-to-site VPNs, remote access VPNs, and secure tunneling protocols, ensuring secure communications within government networks.
• Hands-on experience in configuring and managing firewalls, ensuring rule-based access control, intrusion prevention, and secure traffic filtering as part of Zero Trust architectures.
• Relevant certifications in networking (e.g., CCNP, CCIE), cybersecurity (e.g., CISSP, CompTIA Security ), and Zero Trust technologies are highly desirable.

Education:

• Bachelors degree in computer science, information systems, mathematics, physics, or related discipline
• Employer will accept years of experience in lieu of a degree.