Location: San Antonio,TX, USA
Position Description:
The candidate must be able to provide assistance in all aspects of network management from network design through implementation, maintenance, and upgrading of existing networks. Must be able to analyze designs, identify specifications, and develop related documents as well as implement communication system requirements to support the distributed functionality of a software engineering environment. Candidate must also be ablet o analyze network characteristics (e.g. traffic connect time, transmission speeds, packet sizes and throughput), troubleshoots problems and recommend procurement of and/or modifications to network components.
Clearance Required:
* TS/SCI
Degree and Years of Experience:
* Three (3) or more years' experience related to management of network infrastructure and boundary devices
Required Certifications:
* DoD 8570 IAT Level II certification (current)
* Possess, or be willing to obtain within 6-months of start date, an additional certification related to Networking (i.e., CCNA) and/or specific boundary devices/services.
Required Skills:
* Experience with installing, configuring, and managing Cisco routers and switches and other network devices (i.e., Network Attached Storage, Dell EMC Blade Servers and M1000e Enclosure, Compellent SANS environment, NETGEAR GS116Ev2 16-port Gigabit ProSAFE Plus switches, Raritan Dominion Console Server and KVM switch).
* Experience with configuring and debugging Dynamic Host Control Protocol (DHCP), Network Time Protocol (NTP), static and dynamic routing protocols (OSPF, EIGRP, RIPv2), Catalyst Switch Stacking, VTP configurations/802.1Q, and general inter-VLAN routing
* Experience with configuring and debugging RADIUS environment for network device authentication and authorization
* Experience with configuring and debugging NetFlow and Syslog
* Experience with configuring and debugging LDAP and Kerberos to interact with Active Directory infrastructure
* Ability to accurately calculate subnet masks and manage multiple VLAN environments without conflicts or unintended VLAN bridging
* Ability to analyze, isolate, resolve, and document complex network anomalies (connectivity issues, reachability, and remote-access)
* Ability to configure DHCP Snooping, ARP Inspection, and Private VLANs
* Ability to aggregate multiple Ethernet switch ports using Link Aggregation Control Protocol (LACP) or PAgP
* Ability to manage Palo Alto Next-Generation-Firewall (NGFW):
* Maintain updated PAN-OS and Global Protect VPN Client software
* Manage Firewall Security and NAT Policies
* Monitor Traffic Logs for Traffic, Threats, URL Filtering, Data Filtering, WildFire submissions, and Global Protect logins
* Monitor and Manage High Availability (HA) functionality between the Active and Passive firewalls and ensure both systems are fully synchronized for running configuration, software versions (App, Threat, Antivirus, PAN-OS, and Global Protect)
* Ability to use packet tracing tools to ensure security policies are matching and functional
* Familiar with fiber optic transceiver and fiber optic cable standards and implementation.
* Ability to research, recommend, and evaluate network performance, optimization, and security solutions
* Assist system engineers and cross organizational teams to formulate solutions in response to mission requirements
* Design and verify network solutions to support requirements for routing protocols, policy-based routing, traffic shaping, border gateway protocols, tunneling IP Security, network address translations, network security, firewall contexts, load-balancing, latency, data throughput, WAN acceleration, and monitoring
* Knowledge of networking, firewall configuration, and Virtual Private Networks (VPN)
* Experience with managing and configuring Palo Alto security appliances- including Global Protect VPN Client
* Conduct network performance testing to determine overall network health and isolate/resolve network latency issues
* Monitor Information Assurance Vulnerability Management (IAVM) Bulletins that pertain to your systems and promptly implement corrective or circumventing actions.
* Ability to conduct network performance tests
* Ability to harden systems by applying patches, firmware updates, STIGS, and other security compliance measures
* Expertise in core network technologies, standards and network fundamentals (e.g., IP routing, Ethernet switching, troubleshooting) LAN/WAN, Syslog, VPN, VLAN, DNS/DHCP
* Technical expertise in all areas of network and computer hardware and software interconnection and interfacing, such as routers, switches, firewalls, hubs, bridges, gateways, etc.
* Ability to develop and document network architecture diagrams, disaster recovery plans, etc.
* Possess a solid understanding of TCP/IP, network operating systems (Cisco IOS)
* Work off hours when required to perform maintenance activities, system upgrades and data migrations
Preferred Skills/ Qualifications:
* Experience working on Department of Defense (DoD) networks - USAF Standard Desktop Configuration (SDC)
* Experience in tracing lines
* Possess CCNP or a CCNA certification (5+ years).
Additional Requirements:
* May also need to pull cables to support the installation of new workspaces
SIM&S, Inc. is an Equal Opportunity Employer and does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other protected class.