COI/Firewall/IDS-IPS Engineer

We are seeking a highly skilled and innovative COI/Firewall/IDS-IPS Engineer to join our team in the greater DMV area, supporting the Army National Guard.

Responsibilities

• Lead design, implementation, and lifecycle management of next‑generation firewalls (NGFW), IDS, and IPS across COI, on‑premises, cloud, and hybrid environments.
• Architect segmented network environments applying zero‑trust, least‑privilege, and defense‑in‑depth principles.
• Develop and maintain firewall policies, ACLs, NAT, VPN architectures, and security rule sets governing inter‑enclave and external connectivity.
• Perform deep‑packet inspection, signature tuning, anomaly detection refinement, and traffic‑flow validation to detect APTs, lateral movement, C2, and data exfiltration.
• Integrate NGFW/IDS/IPS telemetry with SIEM and SOAR platforms to enhance correlation, detection, and incident response.
• Conduct technical risk assessments and control validations aligned to NIST SP 800‑53, NIST SP 800‑41, DoD STIGs, and RMF requirements.
• Execute rule‑base optimization reviews, configuration audits, and compliance assessments to reduce attack surface and improve detection fidelity.
• Lead troubleshooting and root‑cause analysis for complex network security incidents; coordinate containment and remediation with SOC, network, and system teams.
• Provide architectural guidance for high‑availability deployments, encrypted traffic inspection, secure remote access, and secure system onboarding.
• Maintain detailed documentation, data‑flow diagrams, change control records, and evidence to support continuous monitoring and accreditation.

#ENOCS

Qualifications

• Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD

• Clearance: Active TS/SCI clearance.

• Candidate must meet ONE of the following:

  • Master’s degree or Ph.D. in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, Software Engineering, or a related field; OR
  • Relevant DoD/military training (example: Security Architect (Advanced) Playlist); OR
  • Relevant professional certification or equivalent experience (examples: CCNP Enterprise, CISM, CISSP‑ISSAP, CISSP‑ISSEP, GCIA, GDSA, GICSP).

• Required experience and skills:

  • Network/security engineering experience with at least 3 years designing and operating NGFW/IDS/IPS in enterprise or DoD environments.
  • Hands‑on expertise with firewall platforms, IDS/IPS technologies, TLS/SSL inspection, VPNs, NAT, ACLs, and high‑availability clustering.
  • Experience tuning signatures, creating detection logic, and validating detections using packet capture and telemetry analysis.
  • Proficiency integrating telemetry into SIEM/SOAR, developing correlation rules, and enabling automated playbooks for response.
  • Strong knowledge of NIST SP 800‑53/800‑41, DISA STIGs, RMF control families, and compliance/audit evidence practices.
  • Proven incident response coordination, root‑cause analysis, and cross‑functional remediation leadership.
  • Excellent documentation skills for architecture diagrams, rule‑base rationalization, and change control artifacts.

• Desired:

  • Prior DoD/COI/ARNG network‑security or CCRI support experience.
  • Experience with encrypted traffic inspection at scale, TLS decryption architectures, and privacy/inspection tradeoffs.
  • Familiarity with cloud‑native firewall/IDS services and hybrid integration patterns.
  • Experience advising senior leadership on carrier/provider escalation, SLA risk, and architectural tradeoffs.

#ENOCS