Firewall Administrator

We are looking for a Firewall Administrator to join our team in support of a program with our DoD customer.

Responsibilities Include:

• Plan and deploy Enclave Boundary Defense systems and programs including firewall, proxy server, cloud services and other devices and applications.
• Plan and deploy De-Militarized Zones (DMZs) for each managed firewall as required.
• Provide onsite and remote support to boundary security and programs, which include Checkpoint Firewalls, Aviatrix Product Suite, various types of cloud security, security controls and any other platforms.
• Participate in the development, testing, and implementation of firewalls and proxy servers
• Verify devices are configured in accordance with DISA Security Technical Implementation Guides (STIGs).
• Product lifecycle management and upgrades to include installation of hotfixes, patches, and any other features to improve product performance.
• Evaluate and recommend firewall solutions for technology refreshes.
• Deploy and sustain new firewall solutions as prescribed by the government.
• Coordinate with Tier III support teams and government customers throughout design, planning, implementation, and sustainment phases.
• Research and provide quotes and documents necessary to renew licenses and equipment maintenance for firewall, proxy and cloud services.
• Maintain all current applicable firewall, proxy appliance and cloud services policies to include DoD. Participate in the development, implementation, and maintenance of a secure and effective means of remote access for employees who are working offsite.
• Develop and deliver briefings to the upper-level management as required on a variety of subjects relating to Enclave Boundary Defense.
• Provide firewall troubleshooting (24x7x365 on-call support).
• Review and resolve automated firewall log issues as to threats or possible compromises.
• Provide daily maintenance and support for all Enterprise Boundary Defense systems including monitoring system and log files.
• Review and resolve automated firewall log issues as to threats or possible compromises.
• Notify appropriate personnel of possible threats or systems vulnerabilities.
• Respond appropriately to reported or identified incidents in accordance with the Incident response plan.
• CSP Security Posture Assessment: Conduct comprehensive security assessments of existing and planned CSP deployments, identifying vulnerabilities and recommending remediation actions aligned with industry best practices and relevant security frameworks (e.g., NIST CSF, CIS and Benchmarks).
• Security Architecture Documentation, Design and Implementation: Document, design, implement, and maintain secure network architectures for CSP environments, including secure connectivity, network segmentation, intrusion detection/prevention systems (IDS/IPS), and data loss prevention (DLP) solutions. Maintaining comprehensive documentation of security controls, configurations, and processes within the CSP environment.
• Cloud Security Operations and Monitoring: Provide continuous security monitoring and incident response capabilities for CSP environments, including log analysis, threat intelligence integration, vulnerability management, and incident response planning and execution.
• Audit, Compliance and Governance: Ensure compliance with relevant security regulations and standards (e.g., FedRAMP, FISMA, NIST) for CSP environments, including documentation, reporting, and audit support. Cooperating fully with authorized Government audits and assessments of the CSP environment, providing timely access to documentation, systems, and personnel. Follow DoD Cloud Computing Security Requirements Guide (SRG) and other applicable DoD issuances and instructions.
• Training and Knowledge Transfer: Provide training and knowledge transfer to Government personnel on best practices for securing CSP environments, covering topics such as cloud security fundamentals, secure configuration, threat detection and response, and incident management.

Required Skills, Qualifications and Experience:

Minimum Experience:

• Five (5) years of relevant experience to include the following:
  • Working knowledge of Firewalls.
  • Working knowledge and understanding of industry standard network environments to include firewall and security hardware/software.
  • Working knowledge of Information Assurance Best Practices.
  • In depth knowledge of LAN and WAN operations.
  • Knowledge of industry standard Incident Ticket Tracking systems for inputting incident tickets and creating work orders.
  • Comprehensive knowledge of DOD and DLA security regulations, guidelines, and policies, to include, but not limited to, IA standards.
  • Working knowledge of the installation, configuration and day-to- day sustainment of network equipment, to include but not limited to firewalls and other network appliances.

Security Clearance:

• Sensitivity Level: Must possess IT-I Critical Sensitive security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC) at time of proposal submission.
• Clearance: DoD Secret

Certifications:

• IAT Level II certification or higher (one of the following): CCNA Security, CySA+, GICSP, GSEC, Security+CE, CND, SSCP, CASP+ CE CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, or CCSP.
• Computing Environment (one of the following): CCSA, CCSE or CCSM

Location:

• Candidates must reside within a commutable distance of one of the following locations in order to work onsite full time: Columbus, OH; Fort Belvoir, VA; or New Cumberland, PA.

Preferred Qualifications:

• One of the following: AWS Cloud Practitioner, Microsoft Certified: Azure Fundamentals, or Comp TIA Cloud+

Work Environment and Physical Demand:

• Must be able to lift up 50 lbs.