Classified Network Engineer

The Classified Network Engineer for VTG will oversee and maintain the IT infrastructure within a Sensitive Compartmented Information Facility (SCIF) and other secured environments. This role ensures the secure operation of classified systems, networks, and hardware in compliance with government regulations and organizational policies. The individual will supervise a small team of Classified IT Infrastructure Administrators. This role is hybrid primarily based in Herndon, VA and supports multiple facilities in the DMV area (Herndon, Manassas, and Washington D.C.).

What will you do?

• System Administration:

• Design, manage and maintain secure networks, servers, and workstations within the secured spaces.
• Install, configure, and update operating systems, software, and hardware.
• Monitor system performance, troubleshoot issues, and ensure optimal performance and availability.

• Security and Compliance:

• Collaborate and assist Classified Compliance team with enforcing DoD, NIST, and Intelligence Community (IC) security guidelines, including RMF and STIG compliance.
• Implement and maintain security measures such as firewalls, intrusion detection/prevention systems, and access controls.
• Conduct vulnerability assessments and patch management to mitigate security risks.
• Maintain physical and logical security protocols to protect classified information.

• Incident Response and Monitoring:

• Monitor network traffic and logs for security incidents and respond to alerts promptly.
• Document and report security incidents per organizational protocols and government requirements.

• Access Management:

• Configure and manage user accounts, permissions, and group policies in Active Directory.
• Implement multi-factor authentication (MFA) and other identity management systems.

• Documentation and Reporting:

• Maintain detailed documentation of system configurations, security practices, and incident response activities.
• Prepare and present reports for audits and security inspections.

• Lead, Support and Train:

• Mentor and lead system administrators.
• Provide technical support for SCIF users and coordinate with external IT teams when necessary.
• Train users on security best practices and operational procedures within the SCIF.

• Bachelor's degree in information systems, Cybersecurity, or a related field (or equivalent experience).
• 7 years of experience in network/system administration in secure environments.
• DoD 8570.01 Certification, Level III, such as CISSP, CISM, CCISO, CCNP, CISSP-ISSAP, or CISSP-ISSEP or the ability to obtain
• Strong knowledge of secure IT systems, networks, and protocols (TCP/IP, VPNs, firewalls, etc.).
• Proficiency with Windows and Linux operating systems, virtualization technologies, and storage solutions.
• Familiarity with Risk Management Framework (RMF), Security Technical Implementation Guides (STIGs), and other relevant compliance standards.
• Ability to lift and install equipment weighing up to 50 lbs.
• Perform tasks requiring prolonged sitting, standing, and walking in a secure environment.
• Top Secret/SCI with Poly

Desired:

• Experience with Splunk, SIEM tools, or endpoint detection and response (EDR) platforms.
• Prior experience in classified or SCIF environments.
• Prior experience leading a team.