The Role
Support, operate, and secure a Cisco-based enterprise network for the Congressional Budget Office. Responsibilities include routing/switching, VLANs, DNS/DHCP, 802.1X, Zero Trust implementation, NIST-aligned security controls, vulnerability management, patching, logging/SIEM integration, incident response, documentation, change management, and 24/7 network monitoring.
Summary Generated by Built In
Job Title: Network Engineer
Location: Washington, DC 20515
Client: Congressional Budget Office
Duration: 12 Months
The scope of work includes, but is not limited to, the following activities:
- Enterprise Network Operations: Support the implementation, operation, and optimization of the Congressional Budget Office’s Cisco-based network infrastructure, including core, distribution, access, and edge environments, ensuring reliability, performance, and availability in support of mission requirements.
- Network Security & Compliance Support: Assist in implementing and maintaining network security controls aligned with NIST SP 800-53, NIST SP 800-207 (Zero Trust Architecture), and Cisco security best practices, including participation in monitoring, risk mitigation, and maintaining network security posture.
- Routing, Switching & Infrastructure Services: Configure, manage, and troubleshoot routing, switching, and network services (e.g., VLANs, DNS, DHCP, VPNs), ensuring secure configurations and alignment with organizational standards.
- Network Monitoring & Operations Support: Assist in monitoring network performance and availability, responding to alerts, and supporting integration with enterprise monitoring, logging, and security tools to enhance visibility and incident response.
- Vulnerability Management & Device Maintenance: Support network device patching, firmware updates, and vulnerability remediation activities, ensuring infrastructure components remain secure, compliant, and up to date.
- Change Management & Documentation: Participate in changing management processes, maintain accurate network diagrams and configuration documentation, and support the development and upkeep of standard operating procedures to ensure operational continuity and audit readiness.
- Customer Service & Team Collaboration: Serve as the technical adviser for complicated service desk tickets and modifications to support network operations better, while collaborating with cloud, Microsoft engineering, and cybersecurity teams.
Specific requirements / Tasks
- Implement and maintain network security controls aligned with NIST SP 800-53, including access control (AC), configuration management (CM), system and communications protection (SC), and audit and accountability (AU) control families.
- Enforce Zero Trust network architecture principles in accordance with NIST SP 800-207, including network segmentation, micro-segmentation, and continuous verification of users and devices.
- Design and implement least-privilege network access controls, ensuring role-based and identity-aware access across all network layers.
- Manage 802.1X port-based network access control to prevent unauthorized device connectivity and enforce authentication at the network edge.
- Configure and maintain centralised logging and audit capabilities for all network devices, ensuring logs are forwarded to enterprise SIEM platforms and retained in accordance with compliance requirements.
- Conduct continuous monitoring and vulnerability assessments of network infrastructure, identifying risks and coordinating remediation in alignment with NIST Risk Management Framework (RMF) practices.
- Harden all network devices using secure configuration baselines (e.g., Cisco Secure Configuration Guides), including disabling unnecessary services, enforcing strong encryption protocols, and securing management interfaces.
- Secure public-facing and perimeter network assets by implementing strict ingress/egress filtering, firewall rule optimization, and multi-factor authentication for administrative
- access.
- Support incident response activities by providing network-level analysis, containment actions (e.g., segmentation, blocking malicious traffic), and forensic data collection.
- Establish and maintain secure network segmentation strategies to limit lateral movement and protect high-value assets and sensitive environments.
- Ensure all network changes follow formal change control processes with security impact analysis, supporting compliance with NIST configuration management requirements.
- Develop, implement, and maintain Network Standard Operating Procedures (SOPs);review and update all SOPs on at least an annual basis or as required to reflect changes in technology, policy, or security requirements.
- Document and maintain detailed hardware and configuration baselines for all network devices, including Cisco switches, routers, firewalls, and related infrastructure; conduct annual reviews and updates.
- Perform root cause analysis (RCA) for network incidents, including performance degradation, outages, and security events; document findings and implement corrective and preventive actions.
- Maintain automated network patch management and firmware update procedures in accordance with Cisco best practices and organizational security policies.
- Develop, maintain, and update comprehensive network diagrams that accurately reflect the CBO enterprise network architecture, including cloud, production, and secure environments; review and update diagrams annually or as changes occur.
- Troubleshoot and maintaining DNS services, including configuration changes, issue resolution, and performance optimization.
- Support continuous, real-time monitoring of network infrastructure (24/7 operations), including integration with network management and security monitoring tools.
- Maintain accurate and up-to-date documentation of network configurations, assets, and operational procedures to support audit readiness and operational continuity.
If you are: bright, motivated, skilled, a difference-maker, able to get things done, work with minimum direction, enthusiastic, a thinker, able to juggle and multi-task, communicate effectively, and lead, then we would like to hear from you. We need exceptionally capable people for this role for our client, so get back to us and tell us why
you think you are a fit.
About Us:
Since 2000, Tri-Force Consulting Services (https://triforce-inc.com) has been an MBE/SDB certified IT Consulting firm in the Philadelphia region. Tri-Force specialises in IT staffing, software development (web and mobile apps), systems integration, data analytics, system automation, cybersecurity, and cloud technology solutions for government and commercial clients. Tri-Force works with clients to overcome obstacles such as increasing productivity, increasing efficiencies through automation, and lowering costs. Our clients benefit from our three distinguishing core values: integrity, diligence, and technological excellence. Tri-Force is a six-time winner among the fastest-growing companies in Philadelphia and a four-time winner on the Inc. 5000 list of the nation's fastest-growing companies.
Skills Required
- Experience supporting and operating Cisco-based enterprise networks (core, distribution, access, edge).
- Implement and maintain network security controls aligned with NIST SP 800-53 and NIST SP 800-207 (Zero Trust).
- Configure, manage, and troubleshoot routing, switching, VLANs, DNS, DHCP, and VPNs.
- Manage and enforce 802.1X port-based network access control and role-based identity-aware access.
- Configure centralized logging and forward network device logs to enterprise SIEM platforms.
- Perform vulnerability assessments, device patching, firmware updates, and remediation activities.
- Harden network devices using secure configuration baselines (Cisco Secure Configuration Guides).
- Implement ingress/egress filtering, firewall rule optimization, and MFA for administrative access.
- Support network-level incident response, containment, and forensic data collection.
- Develop and maintain network SOPs, diagrams, configuration baselines, and documentation for audit readiness.
- Support continuous, real-time (24/7) network monitoring and integration with network management/security tools.
- Collaborate with cloud, Microsoft engineering, and cybersecurity teams to support network operations.
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Tri-Force Consulting Services, Inc. is a U.S.-based IT consulting and staffing agency that provides comprehensive IT solutions, including AI-powered services, custom software development, cybersecurity, cloud technology, and IT staffing to government and commercial sectors.
