NETWORK ENGINEER: TS/SCI with Full Scope Poly

Inferno Systems is looking for senior Network Engineers who can manage and secure complex, large scale networks with a strong background in network architecture, engineering and security., You will be responsible for installations and upgrades and will design and configure network connections, paths, routing and security controls. You will maintain network hardware and software as well as monitor network systems to ensure availability. You will support, design and document factory testing and integration of new network devices and infrastructure. You will support existing and assist with designing new IP / MPLS and LAN/WAN infrastructure.

We are looking for network engineers who can independently run projects from inception to completion, including gathering requirements, design, implement, test and documentation. You should have experience managing the end-to-end lifecycle of new remote site deployments, including hardware procurement and circuit provisioning to advanced VPN technologies and LAN management., * Experiencing installing, configuring and maintaining Cisco routers and switches.

• Experience with setting up and configuring VPNs and firewalls.
• Designing and deploying LAN or WAN networks in an isolated environment.
• Experience with BGP, OSPF, and/or EIGRP.
• Comprehensive understanding of transport layer (DWDM, MPLS, SD-WAN) and data center fabrics, SNMPv3 and netflow
• Experience with Cisco Identity Services (ISE) / NAC, 802.1x and TACACS.
• Understanding of data center east/west and north/south data flows.
• Experience with Deep Packet Inspection (DPI) technologies, SSL/TLS, URL filtering, IPSs and iptables
• Zone-Based Firewalls (ZBFW), Control Plane Policing (CoPP) and sophisticated ACLs
• User-based security (user-ID) to create granular policies integrated with AD and LDAP
• Experience with workstation agents, Endpoint Detection and Response (EPR) and Extended Endpoint Detection and Response (XDR)
• Experience with Splunk or similar SIEM for traffic analysis, custom dashboards and threat hunting.
• Managing critical incident response during outages.
• Experience with cloud provider virtual security appliances and networking, including AWS, Azure and GDC.
• Managing licences using SSM .
• Understanding of high-availability concepts and software.
• Experience with ticketing and collaboration systems such as Confluence and Jira.
• Familiarity with cybersecurity best practices.
• Experience with security monitoring and logging tools, netflow and triage using wireshark and/or tcpdump
• Understanding of end-to-end data flows within data centers, between servers and between clients.

DESIRED SKILLS:

• Cisco certifications such as the CCNA or CCNP
• Bash and/or Python scripting experience.
• Familiarity with IDS and IPS systems
• Familiarity with virtualization platforms such as vSphere, KVM, etc.
• Understanding of Linux network security tools (e.g., Metasploit, Netcat, Nmap, iptables, BurpSuite, IDS, SELinux, etc.).
• Experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs and IPS logs.
• Demonstrated knowledge of information security discipline via industry certification such as: OSCP, CCSP, CISSP, SSCP, GIAC (Security Track).
• Experience conducting incident response to include: research and identification of attack vector, malware mitigation and removal and documentation of the event.
• Motivated self-starter with an analytical focus, problem solving skills, time management skills and a passion for computer, network, or cyber security.
• Actively seeks to enhance the group through knowledge sharing.