Senior Cybersecurity Infrastructure Engineer
At phia we hire talented and passionate people who are focused on collaborative, meaningful work, providing technical and operational subject matter expertise and support services to our partners and clients.phia is currently seeking a Senior Cybersecurity Infrastructure Engineer to support a large Federal agency enterprise network and cybersecurity infrastructure configuration, management, monitoring, and optimization. While this opportunity is contingent upon contract award, we welcome the start of a conversation now! Hybrid flexibility within the DMV (DC/MD/VA) Metro area
What You'll Do
- Support the configuration, monitoring and reporting of network and cybersecurity infrastructure capabilities for a large enterprise (over 80,000 users).
- Support risk analysis and approval processes for deviation/exemption requests to enterprise-wide Web Filtering, SSL Inspection, Data Loss Prevention (DLP), and IT Configuration Management policies.
- Conduct analysis of information maintained within FireMon Security Intelligence Platform.
- Track, analyze, and report on risks in alignment with policy, standards, processes, and controls.
- Review and analyze firewall configurations for enhancements, optimal configurations, and network connectivity.
- Consult with infrastructure management to customize and configure FireMon Security Intelligence Platform Monitoring to meet specific Department and DHS requirements.
- Perform technical writing and creation of formal documentation such as Standard Operating Procedures (SOPs), reports, training materials, and architecture diagrams.
- Configure and operate the FireMon Security Intelligence platform to provide quarterly status reports of firewall rules reviewed, error founds, and devices configured and deployed in support of enterprise IT security requirements.
- Apply configuration parameters on routers, firewalls and security in accordance with NIST 800-53 controls in on-premises and cloud environments with updates to be included in quarterly reports to the Information System Security Manager (ISSM).
- Document configuration and computer protection components (e.g. hardware, firewalls, servers, routers).
- Provide detailed reporting as directed on implementation, design, and audit of firewalls and advanced firewall configurations that support advanced configurations of software defined networks.
- Provide ad-hoc configuration of firewall or security appliances and network protection components (e.g. routers, switches, intrusion prevention devices to include Cisco, Fortigate, Riverbed and Juniper devices), with reports detailing the architecture logical implementation with detail descriptions implementation configurations.
- Make recommendations regarding the configuration of enterprise perimeter UTM devices as to their security posture and configuration (in accordance with NIST 800-53 and industry best practices for Cisco, Juniper, Riverbed, and Fortigate).
- Produce reporting for enterprise FireMon Security Intelligence Platform infrastructure in support of the Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) program and associated Approved Products List (RSA Archer, Splunk, IEM, Fireeye, etc.).
- Maintain proper custody of evidence.
Education + Requirements
- 16 years of relevant experience, or
- AA/AS + 14 years of relevant experience, or
- BA/BS + 12 years of relevant experience, or
- MA/MS + 10 years of relevant experience
- Excellent written and oral communication skills and be able to express technical concepts and operational details in relevant ways to non-technical audiences.
- Knowledge and documented experience with network and cybersecurity infrastructure technology.
- Experience with the FireMon Security Intelligence Platform
Security Clearance
- U.S. citizenship
- Ability to achieve Public Trust or higher
Preferred Skills and Experience
- Experience with the FireMon Security Intelligence Platform