Bourne, Massachusetts, Kuwait
47 days ago
WAN Security Engineer
Overview Working across the globe, V2X builds smart solutions designed to integrate physical and digital infrastructure from base to battlefield. We bring 120 years of successful mission support to improve security, streamline logistics, and enhance readiness. Aligned around a shared purpose, our $3.9B company and 16,000 people work alongside our clients, here and abroad, to tackle their most complex challenges with integrity, respect, responsibility, and professionalism. WAN Security Engineers support Enterprise-class network security technologies, which includes network firewalls, web proxy appliances, and Network Access Control solutions for the RCC-SWA. The WAN Security Engineers are responsible for the operations and maintenance (O&M) of the enterprise-class network security technologies, to include, troubleshooting, optimization, administration, change management and technical documentation. The core network technologies include Cisco ASA Firewalls, Cisco DMZ Switches, Broadcom BlueCoat, VPN Concentrators, and Cisco Secure Access Control System. The engineer will work on site alongside the Security Operations team to become thoroughly familiar with unique processes and requirements relative to the Department of Defense (DoD) specific configurations and challenges. Program: OMDAC-SWACA This position offers company-paid housing and transportation, a completion bonus and tuition reimbursement program! You must satisfy all host country requirements to legally work in the host country in order to be qualified for this position. Responsibilities Provide enterprise-level customer support for all request to modify network firewall access-list. Manage access control to all network devices in the theater Troubleshoot and resolve web browsing issues Support request for services hosted in the demilitarized zones (DMZ) Assist with identifying malicious web activity. Ensure that all technologies that are managed are compliant with all current DISA Security Technical Implementation Guides (STIGs). Perform regular system maintenance in support of IAVA vulnerabilities and CCRI Compliance. Provides network security policy recommendations, project planning, change control, firewall management, and access control list (ACL) management. Extensive knowledge in certificate-based authentication for VPN Concentrators to allow Virtual Private Network (VPN) connections. Create and maintain BlueCoat ProxySG web filtering policy, BlueCoat Reporter database, and BlueCoat Content Analysis System (CAS) scanning definitions. Working knowledge of HTTP/S proxy servers and security (Web Cache Communication Protocol, browser interaction, and filtering / authentication. Proven ability to troubleshoot TCP/IP layer issues via PCAP and SSL/TLS issues via Policy-Trace on the Bluecoat and/or PCAP software such as WireShark. Support authentication, authorization, accounting (AAA) & auditing for all network devices and maintain records for accounts in Cisco ACS. Knowledge and ability to troubleshoot routing protocols: EIGRP, RIP, OSPF, BGP, and MPLS. Ability to implement standard and extended access-lists. Ability to make accurate and independent decisions under pressure. Experience with a customer service-oriented company. Excellent organizational, interpersonal, written, and verbal communication skills. Ability to perform comfortably in a fast-paced, deadline-oriented work environment. Ability to successfully execute many complex tasks simultaneously. The work environment will be 95% indoor and 5% outdoor. Perform additional duties as assigned. Qualifications Qualification: Education / Certifications: One year of related experience may be substituted for one year of education if degree is required. Bachelors Degree or equivalent experience preferably in Computer Science or MIS, IS, Engineering or related field. This position requires candidates to adhere to DoD 8570.01. All candidates are required to maintain at least one (1) baseline certification and one (1) computing environment (CE) certification. Baseline certifications cannot also be used as a Computing Environment (CE) certification. The authorized certifications for this job title are listed as follows: IAT Level: IAT III BASELINE: Cisco: CCNP Security (Cannot be used as a dual qualifier) CompTIA: CASP+ ce: Advanced Security Practitioner GIAC: GCED: Certified Enterprise Defender GIAC: GCIH: Certified Incident Handler ISACA: CISA: Certified Information Systems Auditor ISC2: CCSP: Certified Cloud Security Professional ISC2: CISSP (or Associate): Certified Information Systems Security Professional COMPUTING ENVIRONMENT (CE): Blue Coat: BCCPP: Certified Proxy Professional Cisco: CCIE: (Any) Cisco: CCNP: Certified Network Professional (Any) Microsoft: 365 Certified: Enterprise Administrator Expert Microsoft: Certified: Azure Database Administrator Associate Microsoft: Certified: Azure Security Engineer Associate Microsoft: Certified: Azure Solutions Architect Expert Microsoft: MCSA: Windows Server 2016 Microsoft: MCSE: Cloud Platform and Infrastructure Microsoft: MCSE: Core Infrastructure Microsoft: MCSE: Data Management and Analytics Microsoft: MCSE: Productivity Solutions Expert Experience: One year of related academic study above the high school level may be substituted for one year of experience up to a maximum of a 4-year bachelor's degree in a Software Engineering or Business Information Systems discipline for three years general experience. Minimum of 10 years of experience in demonstrating the ability and aptitudes, required to perform technical, managerial, or analytical work. Coordinate enterprise network equipment & software platforms including a combination of the following: Cisco ASA Firewalls, Cisco Firepower Next Gen Firewall, Cisco Secure Firewall Management Center, Symantec BlueCoat, Cloud-Based Internet Isolation Solutions, and Cisco Identity Services Engine (ISE). Skills: Proficiency using a combination of the following platforms: Cisco devices (i.e., Cisco ASA, ASRs, & 3700 series switches) Symantec BlueCoat (i.e., ProxySG series Director & Content Analysis System) Cisco Secure Access Control System Cisco AnyConnect, and Cisco ASA CLI & ASDM We are committed to an inclusive and diverse workplace that values and supports the contributions of each individual. This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace. Vectrus is an Equal Opportunity /Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, protected veteran status or status as an individual with a disability. EOE/Minority/Female/Disabled/Veteran.
Confirm your E-mail: Send Email