Firewall Engineer

Location: Fairfax, VA, United States
Date Posted: 05-09-2017
Firewall Engineer to work directly with mission support program for the Office of Cybersecurity’s Information Security Directorate (INFOSEC). The overall scope of this work is to support INFOSEC with Information Technology (IT) support services including protection of networks against unauthorized access, modification of data, and malicious activity.  Support the continuous management and monitoring of networks and analyze and respond to alerts as they occur.  
Reviews client IT security procedures, strategies and standards and identifies specific areas of vulnerability using industry tools like Retina, ISS, etc. Analyzes vulnerabilities and recommends procedural and/or IT infrastructure improvements. Supports Certification and Accreditation (C&A) efforts. Develops verification procedures for executing risk assessments and security test and evaluations; conducts risk assessments to ensure that systems are operating securely. Analyzes and defines security requirements for multilevel Security (MLS) issues. Designs, develops, engineers, and implements solutions to MLS requirements. Gathers and organizes technical information about mission goals and needs, existing security solutions and products, and ongoing programs in the MLS arena. Performs risk analyses of proposed changes to existing environments, as well as planned implementations of new facilities and field deployments. Performs risk assessments of existing IT environments and impacts of planned changes, as well as security risk assessments for new projects. Provides technical support for secure integration of systems hardware, as well as secure software development and integration, including reviewing work products for correctness and adhering to the secure design concept. Analyzes and recommends the resolution of IA/security problems on the basis of knowledge of the major IA products and services, an understanding of their limitations, and knowledge of the IA disciplines. Regularly interacts with stakeholders to ensure maintenance of a compliant, stable, and effective IT security posture.
Responsible for supporting:
Minimum 5 years of experience configuring and administering firewall technologies including but not limited: carrier class Checkpoint Firewalls; Barracuda Web Application Firewalls (WAF); and Firemon Security Manager.
Has in-depth knowledge of security operations, including firewall rules and security policies.
Strong networking ability and knowledge of firewall platforms to assist in rapid identification and isolation of issues during incidents and outages.
Collaborates to design, plan and implement new firewall architectures, upgrades, and features as necessary.
Assist in the administration of all Information Security firewalls. Performing updates, upgrades, policy administration and validation.
The engineer will assist in reviewing and implementing customer changes consistent with existing policies.
The engineer will review and update the documentation to ensure consistency with current procedures.
Manage and tune additional software blades associated with firewall architecture. (IPS, URL, Application Control, AV, Advanced Malware detection).
Regular review of Web Application Firewall (WAF) events to identify anomalous behavior.
Willingness to work outside of normal business hours to support outage resolution, planned maintenance or to implement an upgrade.
Perform other official duties as assigned.

​​Minimum Qualifications and Requirements:
Associates Degree
One year of successful information assurance management experience. Knowledgeable or experienced with the following technologies – NetApp, Windows, CISCO, and VMware. Detailed knowledge of Information Assurance (IA) / security products such as Public Key Infrastructure (PKI), VPN, virtual LANs (VLAN), firewalls, network-based and host-based intrusion detection and prevention systems, and data encryption.

this job portal is powered by CATS