Azure) IAM Security Engineer
Role details
Job location
Tech stack
Job description
Ansible Firewall Equities Terraform Hardening Operations Management Market Data GitLab CI/CD Drawing Tools Cyber Security Virtualization Access Network Network Routing Network Element Ancient History Network Security Secret Clearance Complex Networks Cisco DNA Center CompTIA Security+ Network Migration Wide Area Networks Network Management Local Area Networks Information Assurance IT Capacity Management Network Infrastructure Infrastructure Security Border Gateway Protocol IAT Level II Certification Verbal Communication Skills Network Resource Management Git (Version Control System) Juniper Network Technologies Multiprotocol Label Switching Security Requirements Analysis Virtual Private Networks (VPN) Multi-Tenant Cloud Environments Troubleshooting (Problem Solving) Simple Network Management Protocols Transmission Control Protocol (TCP) Internet Protocol Security (IP SEC) Puppet (Configuration Management Tool), * Operate and maintain secure network solutions operated as a centralized enterprise capability for the United States Army
- Partner with key stakeholders and technical experts to perform legacy environment discovery, assessing current capabilities, configurations, and requirements to provide network firewall migration support for the Army global network.
- Analyze and understand complex firewall security zones and policies with the ability to transform policies between multiple vendor firewall devices while meeting mission requirements.
- Support secure access solutions leveraging zero trust network access (ZTNA) including support for creation of new access policies and maintenance of existing policies.
- Integrate capacity planning and scaling of network and security stack environments into the overall operational support processes and staff.
- Collect, investigate, and identify network resource management strategies and techniques to meet capacity and performance requirements
- Work with information assurance teams and the AGUN cybersecurity service provider (CSSP) to ensure compliance to DoD standards to assist with maintenance of the network security posture.
- Document designs, diagrams, drawings, and technical narratives using wiki technologies and common diagram and drawing tools., Network Automation Local Area Networks Investment Concepts Technology Solutions Architectural Design Business Requirements Solution Architecture Technology Life Cycle Technical Requirements Permanent Resident Cards Code Of Federal Regulations Change Management Processes Security Requirements Analysis Virtual Private Networks (VPN) Cisco Identity Services Engine (ISE) Cisco Certified Network Professional Certified Information Systems Security Professional Cisco Certified Network Professional (CCNP) Routing And Switching +0
Google Project Management Senior Cloud Security Engineer TEKsystems Bolingbrook, ILRemote CI/CD DevOps Splunk Firewall DevSecOps Pipelines Operations Leadership Governance Innovation Kubernetes Encryption Multi-Cloud Communication Key Management Cloud Security Security Tools Microsoft Azure Problem Solving Access Controls Network Security Virtual Desktops Cloud Engineering Windows PowerShell Business Valuation Container Security Compliance Auditing Enterprise Security Cloud-Native Computing Full Stack Development Artificial Intelligence Enterprise Architecture Business Transformation Go (Programming Language) Python (Programming Language) Cloud Security Infrastructure Google Kubernetes Engine (GKE) Security Information And Event Management (SIEM) +0 (Azure) IAM Security Engineer TEKsystems Chicago, ILRemote OAuth On Prem CyberArk Scripting Operations IT Security Communication Microsoft 365 Detail Oriented Authentications Windows Servers Microsoft Azure Access Controls Active Directory Security Controls Security Policies IT Infrastructure Windows PowerShell Business Valuation Amazon Web Services GIAC Certifications Single Sign-On (SSO) Business-To-Consumer Data Loss Prevention Business Technologies Information Technology Full Stack Development Azure Active Directory Artificial Intelligence Business Transformation Authorization (Computing) Python (Programming Language) Active Directory Federation Services Security Assertion Markup Language (SAML) Certified Cloud Security Professional (CCSP) GIAC Security Essentials Certification (GSEC) Certified Information Systems Security Professional
Requirements
- Must currently possess and be able to maintain an active DoD SECRET security clearance
- Minimum of a Bachelor's degree with 10+ years' experience or Master's degree with 10+ years of experience (additional years of directly applicable experience may be accepted in lieu of a degree).
- Require active DoD IAT Level II (i.e. Security+) certification or equivalent prior to start. Must obtain and maintain an approved Computing Environment (CE) certification applicable to the supported technology environment within six (6) months of hire.
- Expert understanding of networking and virtualization of firewalls including VSYS in a multi-tenant environment
- Demonstrated experience with networking concepts such as LAN, WAN, BGP, TCP/UDP, IPSec, VPN, Routing(L2/L3), and firewalls in a virtualized environment.
- Demonstrate experience in one or more of the following enterprise network management tools such as Palo Alto Panorama, Cisco Prime, Cisco DNA, or Junos Space.
- Demonstrate experience in system hardening of network infrastructure to include DoD STIG implementation
- Must have experience in working with two or more of the following vender network technologies: Cisco, Juniper, Palo Alto, Dell, RAVPN, Global Protect, or AppGate.
- Experience with the following protocols: SFTP, SSH, SCP, MPLS, SNMP, NTP.
- Must be able to work as part of a team to execute troubleshooting and resolve complex network security issues.
- Must have excellent written and verbal communication skills.
- Must be willing to work non-standard shifts to accomplish network migration objectives and goals
- Must be able to interface with customers.
- Must be willing to travel up to 10% of the time., * Army/DISA migration experience.
- Hands on experience with Palo Alto Next Generation Firewalls (NGFW)
- Knowledge and use of NetSecOps technologies including git, Gitlab CI/CD, Ansible, Terraform, Puppet, and network element managers
- Working knowledge and understanding of Python
- Demonstrate expertise in design and improvement of complex and geographically enterprise networks.
- Expert knowledge of US Army security requirements for network infrastructure.
If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo - because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 - and moving faster than anyone else dares., Bethpage, NY*Remote Writing Planning Firewall Cannabis Cisco IOS Operations Management Innovation SolarWinds Multitasking Data Centers Cyber Security VMware VSphere VMware vCenter Version Control Problem Solving Physical Design Network Security Analytical Skills Change Management Behavioral Health Computer Networks F5 Load Balancers
Benefits & conditions
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits .