Administer, configure, manage, and troubleshoot enterprise-wide network visibility and security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), packet capture tools, cybersecurity monitoring tools, and virtual private networks (VPNs).
Deploy, manage, and troubleshoot LAN, MAN, WAN, VPN, and wireless network environments across HHS enterprise systems.
Detect, analyze, and mitigate advanced threats including Command-and-Control (C&C) attacks, ransomware, Distributed-Denial-of-Service (DDoS), illicit cryptomining, unknown malware, and insider threats.
Administer, configure, and support Gigamon GigaVUE appliances, Cisco Secure Network Analytics (formerly Stealthwatch), and other department-wide network analytics tools.
Provide customer-facing support through collaborative troubleshooting with multiple stakeholders and vendors, addressing issues ranging from basic inquiries to critical outages.
Support on-call rotations to provide Subject Matter Expert (SME) support for multi-OS environments.
Respond to network security incidents, take containment and remediation actions, and support continuous improvement of detection and prevention processes.
Stay current with emerging threats, vulnerabilities, and network security best practices to proactively strengthen the HHS security posture.
Maintain and develop documentation for system designs, configurations, processes, and service records.
Collaborate with IT staff and stakeholders across disciplines to ensure overall security of HHS enterprise networks.
Mentor and lead junior engineers, providing guidance on best practices and resolving technical challenges.
Required Qualifications
Bachelor’s degree in Computer Science, Information Security, Information Technology, or related discipline, or equivalent combination of education, certifications, and professional experience.
At least 5 years of professional experience with enterprise-wide network visibility and/or network security tools.
Demonstrated experience with deployment, management, and troubleshooting of LAN, MAN, WAN, VPN, and wireless networks.
Proficiency with enterprise security tools such as Gigamon, Cisco Secure Network Analytics (Stealthwatch), IDS/IPS, firewalls, and packet capture solutions.
Hands-on experience detecting, analyzing, and mitigating cyber threats such as ransomware, DDoS, malware, insider threats, and C&C activities.
Experience in incident response, security monitoring, and remediation activities.
Strong problem-solving, documentation, and communication skills, with the ability to explain complex technical concepts to non-technical stakeholders.
Demonstrated ability to work independently and as part of a team, with excellent organizational skills.
Familiarity with security frameworks and hardening standards including CIS Controls, NIST SP 800-53 Rev. 5, and DISA STIGs.