Senior Network Engineer - Cisco & Zero Trust ArchitectureInformation Management Resources Inc • Ashburn, Virginia, United States
Senior Network Engineer - Cisco & Zero Trust Architecture
Information Management Resources Inc
- Ashburn, Virginia, United States
- Ashburn, Virginia, United States
À propos
Position Overview IMRI is seeking an experienced and strategic Senior Network Engineer to support a high‑visibility federal customer environment. This role is responsible for leading the design, implementation, and sustainment of secure, enterprise network architectures built on Cisco technologies and aligned with Zero Trust principles. As a senior technical contributor and advisor, you will play a key role in strengthening network security, resilience, and operational performance, while supporting ongoing incident response remediation efforts and compliance with federal cybersecurity standards.
Key Responsibilities Enterprise Network Engineering & Operations
Lead the design, implementation, operation, and optimization of enterprise Cisco network infrastructure across core, distribution, access, and edge environments
Ensure high availability, scalability, performance, and resilience of mission‑critical network systems
Perform advanced troubleshooting and root cause analysis (RCA) for network outages, performance issues, and security events
Network Security Architecture & Compliance
Implement and sustain network security controls aligned with NIST SP 800-53 and Zero Trust Architecture (NIST SP 800-207)
Drive Zero Trust adoption through network segmentation, micro‑segmentation, and continuous verification strategies
Continuously assess and strengthen network security posture through monitoring, risk mitigation, and evolving best practices
Network Access Control & Identity Integration
Architect and enforce secure network access controls, including 802.1X port‑based authentication , role‑based access, and identity‑aware networking
Integrate network access with enterprise identity services to support least‑privilege access models
Routing, Switching & Infrastructure Services
Oversee routing, switching, and core network services, including VLANs, DNS, DHCP, and VPNs
Ensure secure configurations, optimal performance, and alignment with organizational standards
Perimeter Security & External Access Protection
Secure public‑facing and edge network environments, including firewalls, remote access solutions, and perimeter devices
Implement strict access controls, ingress/egress filtering, and monitoring to defend against external threats
Monitoring, Logging & Security Operations Enablement
Establish and manage enterprise network monitoring, logging, and alerting capabilities
Integrate network infrastructure with SIEM and network detection and response (NDR) platforms to enhance visibility and threat detection
Support 24/7 operational monitoring environments and incident response readiness
Vulnerability Management & Device Lifecycle
Lead structured vulnerability management activities, including patching, firmware updates, and remediation
Maintain lifecycle management processes to ensure all network assets remain secure, supported, and compliant
Change Management & Documentation
Ensure all network changes follow formal change management processes, including impact and security analysis
Maintain detailed network diagrams, configuration baselines, and asset inventories
Develop and maintain Standard Operating Procedures (SOPs) to support audit readiness and operational continuity
Incident Response & Security Support
Provide network‑level expertise during incident response activities, including traffic analysis, containment (e.g., segmentation, traffic blocking), and forensic data collection
Support audits, assessments, and compliance reviews by providing documentation, evidence, and remediation support
Technical Leadership & Collaboration
Serve as a senior technical advisor to stakeholders and cross‑functional teams
Collaborate with cybersecurity, cloud, and Microsoft engineering teams to resolve complex challenges and improve network architecture
Act as an escalation point for advanced service desk issues and network‑related initiatives
Key Technical Responsibilities
Implement and maintain security controls across NIST domains (AC, CM, SC, AU)
Enforce Zero Trust architecture (segmentation, micro‑segmentation, identity verification)
Design and implement least‑privilege, role‑based network access controls
Deploy and manage 802.1X network access enforcement
Configure centralized logging with integration to SIEM platforms
Conduct continuous monitoring, vulnerability assessments, and RMF‑aligned remediation
Harden network devices using Cisco Secure Configuration Guides and secure baselines
Secure perimeter infrastructure through firewall management, filtering, and MFA enforcement
Perform root cause analysis and implement corrective/preventive actions
Maintain automated patching and firmware lifecycle processes
Administer and troubleshoot DNS services within enterprise environments
Develop and maintain accurate, up‑to‑date network diagrams and documentation
Required Qualifications
Extensive experience with Cisco enterprise network engineering and operations
Advanced knowledge of routing, switching, and network architecture design
Demonstrated experience implementing Zero Trust principles and segmentation strategies
Strong understanding of NIST SP 800-53 and NIST SP 800-207 frameworks
Hands‑on experience with firewalls, VPNs, network access control, and security technologies
Expertise with 802.1X, identity‑based networking, and access enforcement
Experience integrating network infrastructure with SIEM and monitoring platforms
Proven ability to perform system hardening, vulnerability remediation, and compliance support
Strong analytical and troubleshooting skills, including root cause analysis
Experience supporting structured change management and documentation practices
Preferred Qualifications
Experience supporting federal agencies or highly regulated environments
Familiarity with Cisco Secure Configuration Guides and security hardening standards
Experience with NIST Risk Management Framework (RMF) processes
Knowledge of automated patch management and enterprise device lifecycle strategies
#J-18808-Ljbffr
Compétences linguistiques
- English
Avis aux utilisateurs
Cette offre provient d’une plateforme partenaire de TieTalent. Cliquez sur « Postuler maintenant » pour soumettre votre candidature directement sur leur site.