Network Defense Engineer/Firewall/Bluecoat Administration - Provide engineering and management of strategic network boundary protection security devices utilizing defense in depth across all network tiers. Provides technical support regarding the design, configuration, implementation, operational management, and troubleshooting of boundary protection devices including Bluecoat Web Proxy filters, IPS/IDS, Syslog, and Cisco switches and routers. Implements network policies and exemptions in accordance with published standards and regulations. Provide engineering network defense engineering support involving the design, configuration, implementation, and operational management of network defense systems and management of network boundary security devices. This includes: Troubleshoot network defense devices such as proxy filters, traffic accelerators, firewalls, VPNs and IPS/IDS. Configure and manage ACS and Radius servers, TACACS+, 802.1x, AAA, SSH, crypto maps, ACLs and other network security protocols. Create network accounts, manage account permissions, update 802.1x with current information systems, complete tickets related to firewall and proxy exemptions, and troubleshoot network security-related issues. Configure, administer, and troubleshoot firewalls and BlueCoat ProxySG appliances and implement at network hardware technology, with particular emphasis on Cisco PIX, Cisco ASA, Cisco Routers, Juniper Netscreen and Bluecoat ProxySG. Assist with the development and documentation of recommendations for theater network operational policies, procedures, technical standards and guidelines. Maintain compliance of network device software versions and configuration in accordance with DISA STIG policy; devices must be compliant within 30 days of policy updates. Implement approved network policies within two hours of receipt. Begin troubleshooting security device problems within one hour; resolve problems within six hours.
Bachelor of Science degree in an information technology or computer science field. Minimum of five (5) years of experience providing intelligence support to DoD networks. Possess a DoD 8570 Information Assurance Management (IAM) Level III certification
This position requires a Top Secret US DoD security clearance.