Key skills
PythonTerraformGitLab CIAnsibleOpenShiftGitGitLabLoad BalancingCI/CDCommunicationNetwork SecurityZero TrustFirewall
About this role
Leidos is an industry and technology leader serving government and commercial customers. They have an immediate need for a Senior RONIN Network Security Engineer to support the Army’s global wide area network and security infrastructure, ensuring mission continuity and assured communications across all Army network domains.
Responsibilities:
- Engineer, operate, and maintain secure RONIN network security solutions within the AGUN enterprise, ensuring mission assurance and network resilience across distributed Army environments
- Partner with AGUN stakeholders and technical teams to integrate RONIN capabilities into existing and emerging network architectures to enhance operational continuity
- Analyze and optimize complex firewall and segmentation policies supporting secure, dynamic node-to-node interconnectivity under contested or degraded conditions
- Support implementation of Zero Trust Network Access (ZTNA) frameworks and adaptive routing technologies that enhance RONIN node performance and survivability
- Lead troubleshooting and mitigation of high-impact network and security events affecting RONIN operations, coordinating with the AGUN Cybersecurity Service Provider (CSSP)
- Integrate resilient network design, load balancing, and recovery mechanisms into operational processes and capacity planning
- Conduct network anomaly detection, security forensics, and performance monitoring to ensure optimal RONIN node integrity and operational readiness
- Ensure compliance with DoD STIGs, Army cybersecurity policy, and other applicable directives for secure network operations
- Develop and maintain technical documentation, topology diagrams, and configuration baselines using collaborative platforms and version-controlled repositories
Requirements:
- Must currently possess and be able to maintain an active DoD SECRET security clearance
- Bachelor's degree with 12+ years of experience, or Master's degree with 10+ years of experience (additional directly applicable experience may substitute for degree)
- Active DoD IAT Level II (e.g., Security+) certification or equivalent prior to start
- Expert understanding of network security, segmentation, and virtualization technologies, including VSYS and multi-tenant environments
- Demonstrated experience with LAN, WAN, BGP, TCP/UDP, IPSec, VPN, L2/L3 routing, and firewall operations within hybrid or virtualized infrastructures
- Experience with one or more enterprise management platforms such as Palo Alto Panorama, Cisco ISE, Tenable Security Center, VMWARE vSphere, Redhat Openshift, Cisco Prime, Cisco DNA, or Junos Space
- Proven ability to apply DoD STIGs and system hardening standards to enterprise network environments
- Experience with two or more of the following vendor technologies: Cisco, Juniper, Palo Alto, Dell, RAVPN, GlobalProtect, or AppGate
- Working knowledge of SFTP, SSH, SCP, MPLS, SNMP, and NTP
- Ability to work collaboratively in a high-tempo, mission-driven environment, executing complex troubleshooting and resolution efforts
- Strong written and verbal communication skills
- Willingness to work non-standard shifts to support mission operations
- Ability to travel up to 10%
- Experience supporting Army or DISA network modernization/migration programs
- Hands-on experience with Palo Alto Next-Generation Firewalls (NGFW) and advanced rule-base design
- Familiarity with NetSecOps tools such as Git, GitLab CI/CD, Ansible, Terraform, and Puppet
- Scripting experience in Python for automation and configuration management
- Expertise in resilient and distributed enterprise network architecture design
- Comprehensive understanding of U.S. Army network security and compliance standards