Key skills
Palo Alto Networks firewallsCisco routers and switchesMcAfee Web Security ProxyZScalerTCP/IPRoutingSwitchingIPsec VPNsSSL VPNsDNSDHCPNTPACLsNATQoSRADIUSTACACS+Active DirectoryLDAP802.1XNetwork SecurityFirewall
About this role
GovCIO is currently hiring for a remote Master Network Engineer to support the US Courts. The role involves designing and implementing security solutions and maintaining network infrastructure to ensure secure operations across various locations.
Responsibilities:
- Design, implement, and operate next-generation firewall and web security proxy solutions, ensuring secure, high-availability network operations across data centers and nationwide field locations
- Design, implement, and maintain Palo Alto Networks next-generation firewall solutions, including security policies, NAT, VPNs, threat prevention, URL filtering, and decryption
- Engineer and support Cisco routing and switching infrastructure across LAN/WAN environments
- Design and maintain secure network architectures incorporating firewalls, web proxies, VPNs, and access control technologies
- Deploy, configure, and support McAfee Web Security Proxy (Web Gateway) to enforce web filtering, malware protection, and acceptable use policies
- Integrate firewall and proxy solutions with authentication systems (Active Directory, LDAP, RADIUS, TACACS+)
- Monitor security platforms for threats, performance issues, and policy violations
- Analyze logs and alerts to identify security incidents and implement mitigation strategies
- Perform configuration reviews, rulebase optimization, and security hardening
Requirements:
- Bachelor's with 8+ years of network engineering experience (or commensurate experience)
- Strong ZScaler experience
- 5 years of IT or network security experience
- 3 years of hands-on experience with firewall and security platforms routers and switches
- Strong experience with Palo Alto Networks firewalls
- Strong experience with Cisco routers and switches
- Strong experience with McAfee Web Security Proxy / Web Gateway
- In-depth knowledge of TCP/IP, routing, and switching
- In-depth knowledge of IPsec and SSL VPNs
- In-depth knowledge of DNS, DHCP, NTP
- In-depth knowledge of ACLs, NAT, QoS
- Experience with authentication and access control technologies: RADIUS / TACACS+, Active Directory / LDAP, 1X
- Clearance Required: Ability to maintain a Public Trust clearance