Senior Network Security Architect at ManTech

MANTECH seeks a motivated, career and customer-oriented Senior Network Security Architect in South Burlington, VT or Camp Springs, MD.Responsibilities include, but are not limited to:Use Agile engineering approach to DevSecOps and solutioning with Access Identity and Directory Services to architect, engineer, and implement network security control methods in cloud, on-premise and virtual environments to support DHS directive 4300A, NIST 800-53, and industry best practicesMaintain network readiness and prepare to scale for the future through compliance with all federal requirements such as DHS 4300A, NIST 800-53, and other industry best practices.Perform as Level 4 network / firewall escalation point for network security to effectively support security processes and procedures.  Work with firewall engineers to configure and implement Next Generation Firewall and Intrusion Protection Systems.  Extend into secure network solutions, Palo Alto firewall and intrusion protection devices to scale.Continually improve on the network stability working with the performance team to establish network performance metrics for alerting and remediation automations.  Architect and engineer a Network Access Control (NAC) solution.Audit firmware versions and configuration settings for the USCIS cloud and infrastructure platforms/devices to eliminate vulnerabilities and ensure USCIS deploys and operates in accordance with vendor recommendations, industry best-practices and DHS configuration guidance.Review existing configuration settings to identify potential security vulnerabilities and propose/implement setting or architectural changes to address these vulnerabilities.  Evaluate current and future network designs to ensure that network security is incorporated as an integral consideration in all designs.Perform securing, hardening, and rule creation for new firewalls, switches, routers, and other network equipment. This includes reviewing and re-evaluating existing configuration settings and rules to verify USCIS’ security posture and eliminate unnecessary risk.Minimum Qualifications:Ten (10) + years of experience as an Enterprise Architect across large and complex network and Microsoft AD environmentsCertifications: CCIE, PCNSEExtensive security background with Palo Alto firewall systemsA minimum of four (4) years of experience in cloud technologies such as but not limited to Azure and AWS.Experience designing and implementing enterprise solutions that increase the availability and security of the enterprise.Extensive experience with on premise physical infrastructure and Virtualization technologies including Hyper-V, VMWare, SAN, FCoe, NFS, SMB3Preferred Qualifications:Familiar with tools including: ServiceNow, GitHub, Jira, ConfluenceExperience with ITIL, DevSecOps and Agile conceptsExperience supporting Government contractsClearance Requirements:Must be a U.S. Citizen with the ability to obtain and maintain Public Trust and DHS Security Clearance prior to starting the position.Current DHS EOD highly preferredPhysical Requirements:Office work, typically sedentary with some movement around the office. Apply Now