Firewall Administrator

We are looking for a Firewall Administrator to join our team in support of a program with our DoD customer. This is a temporary contract role anticipated through November 2026.

Duties and Responsibilities:

• Plan and deploy Enclave Boundary Defense systems and programs including firewall, proxy server, cloud services and other devices and applications to all DLA enclaves.
• Plan and deploy De-Militarized Zones (DMZs) for each managed firewall as required.
• Provide onsite and remote support to boundary security and programs, which include Checkpoint Firewalls, Aviatrix Product Suite, various types of cloud security, security controls and any other platforms.
• Participate in the development, testing, and implementation of firewalls and proxy servers
• Verify devices are configured in accordance with DISA Security Technical Implementation Guides (STIGs).
• Product lifecycle management and upgrades to include installation of hotfixes, patches, and any other features to improve product performance.
• Evaluate and recommend firewall solutions for technology refreshes.
• Deploy and sustain new firewall solutions as prescribed by the government.
• Coordinate with Tier III support teams and government customers throughout design, planning, implementation, and sustainment phases.
• Research and provide quotes and documents necessary to renew licenses and equipment maintenance for firewall, proxy and cloud services.
• Maintain all current applicable firewall, proxy appliance and cloud services policies to include DoD. Participate in the development, implementation, and maintenance of a secure and effective means of remote access for employees who are working offsite.
• Develop and deliver briefings to the upper-level management as required on a variety of subjects relating to Enclave Boundary Defense.
• Provide firewall troubleshooting (24x7x365 on-call support)
• Review and resolve automated firewall log issues as to threats or possible compromises.
• Provide daily maintenance and support for all DLA Enterprise Boundary Defense systems including monitoring system and log files.
• Review and resolve automated firewall log issues as to threats or possible compromises.
• Notify appropriate personnel of possible threats or systems vulnerabilities.
• Respond appropriately to reported or identified incidents in accordance with the Incident response plan.
• CSP Security Posture Assessment: Conduct comprehensive security assessments of existing and planned CSP deployments, identifying vulnerabilities and recommending remediation actions aligned with industry best practices and relevant security frameworks (e.g., NIST CSF, CIS and Benchmarks).
• Security Architecture Documentation, Design and Implementation: Document, design, implement, and maintain secure network architectures for CSP environments, including secure connectivity, network segmentation, intrusion detection/prevention systems (IDS/IPS), and data loss prevention (DLP) solutions. Maintaining comprehensive documentation of security controls, configurations, and processes within the CSP environment.
• Cloud Security Operations and Monitoring: Provide continuous security monitoring and incident response capabilities for CSP environments, including log analysis, threat intelligence integration, vulnerability management, and incident response planning and execution.
• Audit, Compliance and Governance: Ensure compliance with relevant security regulations and standards (e.g., FedRAMP, FISMA, NIST) for CSP environments, including documentation, reporting, and audit support. Cooperating fully with authorized Government audits and assessments of the CSP environment, providing timely access to documentation, systems, and personnel. Follow DoD Cloud Computing Security Requirements Guide (SRG) and other applicable DoD issuances and instructions.
• Training and Knowledge Transfer: Provide training and knowledge transfer to Government personnel on best practices for securing CSP environments, covering topics such as cloud security fundamentals, secure configuration, threat detection and response, and incident management.

Required Skills, Qualifications and Experience:

• Five (5) years relevant experience to include:
  • Must have working knowledge and understanding of CheckPoint firewalls to include versions R80.40 and R81.10 and industry standard network environments to include firewall and security hardware/software. Must have knowledge and understanding of Information Assurance Best Practices.
  • Must have in depth knowledge of LAN and WAN operations, understanding of how to use Incident Ticket Tracking systems for inputting incident tickets and creating work orders along with a comprehensive knowledge of DOD and DLA security regulations, guidelines, and policies to include, but not limited to, IA standards.
  • Must have hands-on experience with the installation, configuration, and day-to-day sustainment of network equipment, to include but not limited to firewalls, proxy servers, cloud services and other network appliances.
• Required Clearance: DoD Top Secret
• Required Certifications:
  • IAT Level II certification or higher (one of the following): CCNA Security, CySA+, GICSP, GSEC, Security+CE, CND, SSCP, CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, or CCSP.
  • Computing Environment (One of the following): CCSA, CCSE or CCSM
• Location:
  • This is a remote position that may require up to 25% travel, both CONUS and OCONUS. Candidates must have a valid US Passport, or the ability to obtain one quickly. 

Preferred Qualifications:

• One of the following is preferred, but not required: AWS Cloud Practitioner, Microsoft Certified: Azure Fundamentals, or Comp TIA Cloud+