Senior Network SME - Zero Trust

Job Description

Salary:

Job Title: Senior Network SME

Location: Reston, VA (Hybrid 3x/week)

Salary: DOE + full benefits

Clearance: Public Trust

Job Overview

We are seeking an experienced Senior Network Engineer with specialized expertise in Zero Trust technology and a successful track record supporting federal government initiatives. This role will play a critical part in designing, implementing, and maintaining secure network infrastructures aligned with Zero Trust principles within government environments.

Job Responsibilities

Lead the design and implementation of Zero Trust network architectures, including network segmentation, secure access controls, and micro-segmentation, ensuring robust security across federal government networks.Responsibility to support network roadmap documentation and gap closure tasks.

Architect and manage IAM solutions, including centralized authentication, role-based access controls (RBAC), multi-factor authentication (MFA), and privileged access management (PAM) within government systems.

Develop and implement network segmentation strategies to partition networks into secure zones, restricting lateral movement and minimizing attack surfaces while adhering to Zero Trust principles.

Manage and configure security infrastructure components such as firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and secure gateways aligned with Zero Trust architectures.

Implement encryption methodologies, data protection measures, and cryptographic protocols to safeguard sensitive data in transit, at rest, and during processing within government networks.

Ensure network infrastructure and configurations comply with federal cybersecurity standards, policies, and frameworks like NIST, FISMA, and other relevant mandates.

Provide support for incident response efforts, conduct root cause analysis, and troubleshoot network security issues, ensuring rapid resolution and minimal disruption to government operations.

Required Skills/Qualifications

Minimum of 12 years + of hands-on experience as a Senior Network Engineer, specifically within federal government environments, focusing on Zero Trust technology.

Deep knowledge and practical experience in network security principles, secure architecture design, access controls, and intrusion detection methodologies within government networks.

Proficiency in implementing Zero Trust principles, network segmentation, identity and access management, encryption, and secure access controls within complex government environments.Direct experience with microsegmentation and Zero Trust networking strategies.

Expertise in implementing centralized authentication mechanisms, such as Active Directory, LDAP, or similar systems, integrated with Zero Trust principles for robust identity management.

Profound understanding and practical experience in designing RBAC models aligned with Zero Trust architectures, ensuring access privileges based on roles and responsibilities within government networks.

Knowledge of implementing MFA solutions, biometric authentication, smart cards, or token-based authentication methods to strengthen access controls within government systems.

Expertise in SDN principles and technologies to enable dynamic network segmentation, policy enforcement, and flexible network provisioning aligned with Zero Trust concepts.

Strong understanding of federal cybersecurity regulations, policies, and frameworks such as NIST, FISMA, and other relevant standards applicable to government networks.

Proficiency in network protocols, firewall configurations, VPN technologies, encryption standards, and security tools prevalent in federal government settings.

Advanced knowledge of VPN technologies, including site-to-site VPNs, remote access VPNs, and secure tunneling protocols, ensuring secure communications within government networks.

Hands-on experience in configuring and managing firewalls, ensuring rule-based access control, intrusion prevention, and secure traffic filtering as part of Zero Trust architectures.

Relevant certifications in networking (e.g., CCNP, CCIE), cybersecurity (e.g., CISSP, CompTIA Security+), and Zero Trust technologies are highly desirable.

Education:

Bachelors degree in computer science, information systems, mathematics, physics, or related discipline

Employer will accept years of experience in lieu of a degree.

Full-time

Hybrid remote