Senior Cybersecurity & Network Systems Engineer

Title:

Program Summary

The Test Enterprise Network Modernization (TENM) program is a multiyear Army initiative focused on modernizing network infrastructure wireless systems deployable communications and cybersecurity capabilities across CONUS and OCONUS test centers. Under a highly structured TDLdriven delivery model TENM integrates site surveys engineering design equipment modernization installation testing cybersecurity accreditation logistics training and transition support to ensure resilient scalable and missionready networks for Army test activities. The program demands disciplined technical execution in accordance with UFC standards RMF cybersecurity requirements CHESS acquisition rules and a comprehensive deliverables framework spanning TNMPs TDPs drawings IUID reporting ATP/SAT and RMF artifacts. The Senior Networking Systems Engineer plays a pivotal role in shaping and delivering these engineered solutionsleading technical assessments designing modern architectures guiding installation and testing ensuring compliance and supporting seamless site transitions across a diverse and evolving portfolio of Army test environments.

Job Summary

The Senior Cybersecurity & Network Systems Engineer leads modernization security engineering and network architecture efforts across Army test range environments within the TENM program. Leveraging deep expertise in Cisco ACI SDAccess identity & access management Zero Trust Architecture containerized environments and NISTaligned cybersecurity engineering this role develops secure enterprise and deployable network solutions performs site surveys authors TNMP/TDP inputs implements STIG and RMF requirements and supports ATP/SAT validation activities. The engineer provides handson configuration system hardening network migration execution zero trust integration and crossplatform troubleshooting while ensuring all TENM deliverables (drawings artifacts diagrams documentation training inputs) meet Army standards and program objectives.

Roles and Responsibilities

Network Modernization & Engineering

Engineer harden and deploy enterprise-grade network solutions including Cisco ACI/APIC SD-Access VLAN segmentation AAA/TACACS and secure routing/switching architectures.

Lead site surveys spectrum assessments infrastructure validation OPSEC-compliant data gathering and deliver inputs to the Test Network Modernization Plan (TNMP).

Support creation and updates to Technical Direction Plans (TDPs) including equipment strategy risk identification ROM inputs SLAs and cyber requirements.

Lead modernization of legacy environments to NIST-aligned architectures while maintaining operational continuity.

Cybersecurity Engineering & RMF/STIG Integration

Apply NIST RMF and Zero Trust principles to all network modernization efforts.

Develop STIG and eSTIG checklists perform vulnerability scans document findings and support POA&M development.

Architect and implement Zero Trust and IAM solutions using technologies such as Keycloak Pomerium PacketFence and identity-centric access controls.

Deploy and tune IDS/IPS tools such as Suricata integrate with OPNsense and enhance monitoring with Grafana/Prometheus.

DevOps Automation & Modern Platform Integration

Automate configurations and infrastructure using Ansible Terraform Helm Docker Kubernetes and other automation frameworks.

Support the engineering of containerized security labs overlay networks distributed K8s clusters and secure cloud-adjacent architectures.

Testing Validation & Acceptance (Aligned to C.5.4.6)

Support development and execution of Acceptance Test Plans (ATP) and Site Acceptance Tests (SAT) for network cybersecurity and system performance verification.

Conduct integration testing across modernized Cisco and containerized systems.

Documentation Reporting & Compliance (Aligned to C.5.1)

Generate technical diagrams TNMP/TDP inputs security artifacts trip reports and network documentation in accordance with Army deliverable standards.

Maintain accurate configuration baselines contribute to QMP/Safety plan inputs and provide status inputs for the Monthly Status Report (MSR).

Ensure all actions follow CHESS/IT procurement rules IUID requirements and DoD cybersecurity training/clearance requirements.

Basic Qualifications

Bachelors degree in related field and 7 years of cybersecurity and network engineering experience supporting federal or enterprise environments.

Strong hands-on experience with Cisco ACI/APIC SD-Access AAA/TACACS VLAN segmentation.

Demonstrated capability implementing NIST-aligned cybersecurity controls and Zero Trust architectures.

Experience with IAM solutions including Keycloak policy-based authentication and SSO federations.

Hands-on experience with Docker Kubernetes Helm Proxmox VE and infrastructure automation.

Experience operating IDS/IPS systems (Suricata) OPNsense Grafana and packet analysis platforms.

CompTIA Security and A certifications.

Preferred Qualifications

Experience supporting RMF eMASS package inputs STIG compliance and vulnerability remediation.

Familiarity with Army networks TDL/TDP processes and DISA STIG/SRG baseline configurations.

Experience with wireless surveys RF spectrum analysis and site infrastructure validation.

Experience with deployment of Zero Trust overlays (OpenZiti Pomerium) and NAC solutions (PacketFence).

Exposure to Cisco Security training: SCOR SAUI CBROPS.

Experience with large migration efforts Windows Server 2016 networking/identity and secure endpoint integration.

Familiarity with CHESS procurement processes and IUID-tagging environments.

KBR Benefits

KBR offers a selection of competitive lifestyle benefits which could include 401K plan with company match medical dental vision life insurance AD&D flexible spending account disability paid time off or flexible work schedule. We support career advancement through professional training and development.

Belong Connect and Grow at KBR

At KBR we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to and ongoing journey toward being a People First company. That commitment is central to our team of teams philosophy and fosters an environment where everyone can Belong Connect and Grow. We Deliver Together.

KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race color religion disability sex sexual orientation gender identity or expression age national origin veteran status genetic information union status and/or beliefs or any other characteristic protected by federal state or local law.