Network Security Engineer IPSEC,IKEv1 to IKEv2,VPN W2 position

Responsibilities::

Review approximately 80 existing site-to-site IPsec VPN tunnels

Upgrade approximately 50 VPN tunnels from IKEv1 to IKEv2

Ensure VPN configurations align with organizational cryptographic standards

Update pre-shared keys (PSKs) to meet a minimum 20-character requirement

Validate VPN tunnel functionality after each change

Review approximately 10 firewall access control rules on Cisco Firepower

Modify firewall rules to remove overly permissive or broad subnet access

Restrict firewall rules to required source/destination networks ports and protocols

Apply principle of least privilege in firewall rule updates

Perform validation testing after firewall changes to confirm no service disruption

Coordinate implementation activities with UC Davis campus teams and external partners

Support execution of approved maintenance window changes

Provide technical assistance during implementation activities

Document VPN and firewall changes and validation results

Coordinate cryptographic parameter and shared secret updates with external partners

Support scheduling and execution of maintenance window activities

Required Technical Experience

Experience managing site-to-site IPsec VPNs

Hands-on experience upgrading VPNs from IKEv1 to IKEv2

Experience configuring and validating VPN tunnel connectivity

Knowledge of cryptographic standards and secure key management practices

Experience managing firewall access control rules

Experience with Cisco Firepower firewall platforms

Ability to implement least privilege network access controls

Experience performing post-change validation and troubleshooting network issues

Experience coordinating technical changes with internal teams and external partners

Experience working within structured maintenance window processes

Preferred Qualifications

Experience in healthcare or higher education IT environments

Familiarity with large-scale enterprise network environments

Experience supporting change management processes in production environments

Desired Certifications

Cisco CCNA Security or CCNP Security (or equivalent experience)

CompTIA Security or equivalent security certification

ITIL Foundation (preferred).

Regards

Mohammed Ilyas

PH - or text - or you can share the updated resume of com

Additional Information :

All your information will be kept confidential according to EEO guidelines.

Remote Work :

No

Employment Type :

Contract