Network Engineer

The Leidos Digital Modernization Sector is currently pursuing a new opportunity and is seeking a Network Engineer to work in Tampa FL to play a crucial role in a landmark Zero Trust (ZT) surge initiative for our client. This is an exciting opportunity to use your experience helping the U.S. Special Operations Command (USSOCOM) Enterprise Development Application and Training (EDAT) mission. In this mission we are focused on providing innovative data-driven solutions and enterprise architecture enhancements to enable seamless operations across USSOCOMs global network. The program emphasizes rapid development and deployment of technologies to enhance the mobility and readiness of Special Operations Forces (SOF) in both combat and non-combat scenarios. Key tasks include program management application development training support and technology integration to maintain USSOCOMs operational edge. The EDAT program underscores agility and adaptability ensuring SOF professionals have access to the information and tools they need to meet evolving mission requirements.

As a key member of our expert team you will be responsible for the design implementation maintenance and security of network infrastructure aligned with Zero Trust principles. You will provide enterprise and tactical infrastructure expertise contributing significantly to the initial Iplan creation and the subsequent multi-year ZT engineering and operational efforts. This position directly maps to the DoD 8140 Network Technician (Work Role ID: 442) Advanced level requiring robust technical skills in network engineering security and troubleshooting within complex environments.

The Leidos Digital Modernization Sector provides a diverse portfolio of systems solutions and services covering land sea air space and cyberspace for customers worldwide. Solutions for Defense include enterprise and mission IT large-scale intelligence systems command and control geospatial and data analytics cybersecurity logistics training and intelligence analysis and operations support. Our team is solving the worlds toughest security challenges for customers with cant fail missions.

We will rely on your expertise in architecting implementing and securing advanced network solutions for mission-critical operations Join Kentro where our unwavering focus s on supporting the mission. This role provides a unique platform to apply your deep network engineering expertise to USSOCOMs transformative Zero Trust journey directly enhancing the connectivity security and operational capabilities of Special Operations Forces.

You will collaborate closely with Cybersecurity Architects Cybersecurity Engineers and other specialists contributing to the practical application of ZT principles across the network fabric and leveraging advanced networking and security technologies.

This position is a hybrid position You will work from home and need to be onsite at MacDill AFB when needed.

What we would like you to do:
As the Network Engineer for this Zero Trust initiative you will:
Design implement configure and maintain secure network infrastructure (routers switches firewalls VPNs IDS/IPS network access control solutions) aligned with Zero Trust principles for USSOCOMs Greenfield (SOCRATES) and Brownfield (SOFNET-U/S) environments.
Develop and implement network segmentation and micro-segmentation strategies to support Zero Trust security objectives.
Ensure network designs and implementations comply with DoD ZT mandates (91 target activities by FY27 61 advanced activities by FY33) and relevant security policies (e.g. STIGs).
Monitor network performance availability and security utilizing tools like SIEM platforms and network analysis tools to identify and respond to anomalies incidents and potential threats.
Troubleshoot complex network connectivity and performance issues performing repairs and coordinating updates as necessary.
Implement and manage network security controls including access control lists (ACLs) firewall policies and intrusion detection/prevention rule sets.
Support the integration of network telemetry and security data into the broader Zero Trust visibility and analytics framework.
Develop and maintain comprehensive network documentation including diagrams configurations operational procedures and contributions to the ZT Iplan.
Collaborate with cybersecurity architects and engineers to ensure network security is integrated into overall system designs and ZT architecture.
Provide input to the Risk Management Framework (RMF) process activities related to network infrastructure.
Manage network OS backups recovery processes and IOS upgrades.
Configure and manage DHCP DNS and PKI-related network services.
Support the deployment and configuration of network sensors and TAPs as part of a distributed sensor grid.
Consult with customers and stakeholders regarding network system design maintenance and ZT implications.

What we have to see from you:
Security Clearance: Active Top Secret clearance with SCI (Sensitive Compartmented Information) eligibility is required.
Education: Bachelor of Science (BS) degree in Information Technology Cybersecurity Computer Science Engineering or a related field.
Experience: A minimum of eight(8) years of progressive experience in network engineering with a strong focus on network security design implementation and operations. Experience supporting DoD or USSOCOM environments is highly preferred.

Certifications Required:

• Cisco CCIE Security or CCIE Enterprise OR Cisco CCNP Enterprise or CCNP Security (preferably with a concentration like 300-715 SISE - Cisco SD-WAN Implementation or 300-735 SAUTO - Automating and Programming Cisco Security Solutions)OR Forescout Certified Professional (FSCP)

Conditional Alternative (one of these may be considered with strong network engineering and security experience):

• Palo Alto Networks Certified Network Security Administrator (PCNSA) or Palo Alto Networks Certified Network Security Engineer (PCNSE)

• GIAC Defensible Security Architecture (GDSA) - Preferred

Key Skills and Knowledge (Aligned with DoD 8140 KSATs for Network Technician - Advanced):

• Expertise in computer networking concepts (TCP/IP OSI model routing switching) protocols (OSPF EIGRP BGP MPLS) and network security methodologies.

• Deep understanding and practical application of Zero Trust principles to network design and security.

• Proficiency in configuring managing and troubleshooting enterprise-grade network hardware (Cisco Juniper Palo Alto Networks etc.) and software.

• Strong knowledge of network security controls and design principles (firewalls DMZs VPNs IDS/IPS NAC encryption).

• Experience with network segmentation micro-segmentation and Software-Defined Networking (SDN) concepts.

• Skill in using network monitoring management and analysis tools (e.g. SIEM SolarWinds Wireshark).

• Knowledge of risk management processes and the ability to identify and mitigate network-related security risks.

• Familiarity with STIGs and skill in applying STIG upgrades to network devices.

• Understanding of cloud computing service models (SaaS IaaS PaaS) deployment models (private public hybrid) and their network security implications.

• Knowledge of PKI certificate management and encryption functionalities within a network context.

• Ability to characterize network traffic for trends and patterns and create rules/alerts for traffic validation and intrusion detection.

• Experience with WAN technologies (PPP Frame Relay T1s ISDN) and routing protocols.

• Knowledge of cybersecurity principles cyber threats vulnerabilities and the specific operational impacts of cybersecurity lapses.

• Familiarity with Active Directory non-Active Directory domains (LDAP) and federated services.

• Skill in cable management router IOS backup/recovery/upgrade and implementing DHCP/DNS.

• Ability to troubleshoot complex computer software and hardware issues related to network connectivity.

• Understanding of national and international laws regulations policies and ethics as they relate to cybersecurity and network operations.

• Excellent problem-solving skills and the ability to work effectively under pressure in mission-critical environments.

• Strong communication and documentation skills.

• Experience with USSOCOM SOF environments or other DoD agencies is a significant advantage.

Original Posting:

For U.S. Positions: While subject to change based on business needs Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.