Overview Working across the globe, V2X builds smart solutions designed to integrate physical and digital infrastructure from base to battlefield. We bring 120 years of successful mission support to improve security, streamline logistics, and enhance readiness. Aligned around a shared purpose, our $3.9B company and 16,000 people work alongside our clients, here and abroad, to tackle their most complex challenges with integrity, respect, responsibility, and professionalism. WAN Security Engineers are required to be certified at the expert level in multiple disciplines of networks and security (e.g. CCNP/CCIE & CISSP). WAN Security Engineers support Enterprise-class network security technologies, which includes network firewalls, web proxy appliances, VPN appliances, Comply to Connect (C2C) and Network Access Control solutions. The WAN Security Engineers are responsible for design, troubleshooting, optimization, administration, change management and technical documentation. The core network technologies include Cisco Firepower Next-Generation Firewalls, Cisco Secure Firewall Management Center (FMC), Menlo Cloud-Based Internet Isolation Solutions (CBII), Forescout Enterprise Manager, and Cisco Identity Services Engine (ISE). Program: OMDAC-SWACA This position offers company-paid housing and transportation, a completion bonus and tuition reimbursement program! You must satisfy all host country requirements to legally work in the host country in order to be qualified for this position. Responsibilities Provide enterprise-level customer support for all requests to modify network firewall access-lists; manage access control to all network devices in the theater; troubleshoot and resolve web browsing issues; support requests for services hosted in the demilitarized zones (DMZ). Provides network security policy recommendations, project planning, change control, firewall management, and access control list (ACL) management. Enforce enterprise security policies. Assist with identifying and investigating malicious network activity. Ensure that all managed technologies are compliant with current DISA Security Technical Implementation Guides (STIGs). Perform regular system maintenance in support of IAVA vulnerabilities and CCRI compliance. Create, update and maintain proxy web filtering policies. Analyze logs to look for irregularities and identify miscategorized sites that may need to be blocked. Support authentication, authorization, accounting (AAA) & auditing for all network devices and maintain records for accounts in Cisco ISE. Support the Comply to Connect (C2C) infrastructure and work with other departments that play a role in the Zero Trust architecture. Monitor the status and health of the managed network devices using network monitoring tools. Create, update, and maintain detailed network diagrams. Create and track network issues/requests using the ServiceNow ticketing system. Additional duties as assigned by leadership. Qualifications Qualification Security Clearance: Requires an active Secret Clearance Education / Certifications: One year of related experience may be substituted for one year of education if degree is required. Bachelors Degree or equivalent experience preferably in Computer Science or MIS, IS, Engineering or related field. This position requires candidates to adhere to DoD 8570.01M. All candidates are required to maintain at least one (1) baseline certification and one (1) computing environment (CE) certification. Baseline certifications cannot also be used as a Computing Environment (CE) certification. The authorized certifications for this job title are listed as follows: IAT Level: IAT III BASELINE: Cisco: CCNP Security (Cannot be used as a dual qualifier) CompTIA: CASP+ ce: Advanced Security Practitioner GIAC: GCED: Certified Enterprise Defender GIAC: GCIH: Certified Incident Handler ISACA: CISA: Certified Information Systems Auditor ISC2: CISSP (or Associate): Certified Information Systems Security Professional COMPUTING ENVIRONMENT (CE): Cisco CCNP: Enterprise Cisco CCNP: Security (Cannot be used as a dual qualifier) Cisco CCIE: Enterprise Infrastructure Cisco CCIE: Security Experience: One year of related academic study above the high school level may be substituted for one year of experience up to a maximum of a 4-year bachelor's degree in a Software Engineering or Business Information Systems discipline for three years general experience. Minimum of 10 years of experience working with network and firewall technologies. Experience with VPN technologies. A high-level ability and aptitude to perform technical, managerial, or analytical work and coordination involving enterprise network equipment & software. Platforms including a combination of the following: Cisco Firepower Next Gen Firewall, Cisco Secure Firewall Management Center, Menlo Cloud-Based Internet Isolation (CBII), Forescout Enterprise Manager, and Cisco Identity Services Engine (ISE). A solid background with TCP/IP and must be able to troubleshoot all supported network protocols. Skills and Technology Used: Ability to verify that all systems under the direct control of RCC-SWA are properly configured in accordance with the Higher Headquarters, Local, and DISA STIG configuration policies. Ability to manage asset documentation for accreditation and authorization. Ability to assess networking requirements and provide solutions. Ability to make accurate and independent decisions under pressure. Ability to successfully execute many complex tasks simultaneously. Expert ability to troubleshoot infrastructure equipment. Excellent organizational, interpersonal, written, and verbal communication skills Ability to perform comfortably in a fast-paced, deadline-oriented work environment. Ability to successfully execute many complex tasks simultaneously across departmental boundaries. Experience with a customer service-oriented company We are committed to an inclusive and diverse workplace that values and supports the contributions of each individual. This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace. Vectrus is an Equal Opportunity /Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, protected veteran status or status as an individual with a disability. EOE/Minority/Female/Disabled/Veteran.