Senior Network Engineer

VGroup Inc

Job Location:

Washington, DC - USA

Monthly Salary: Not Disclosed

Posted on: 13 days ago

Vacancies: 1 Vacancy

Job Summary

For more details please connect with Pawan Shrivastava at or email at

Direct End Client: Congressional Budget Office

Job Title: Senior Network Engineer

Duration: 60 Months

No. of Hours Per Week: 40 Hours Per Week

Start Date: 08/15/2026

Location: Washington DC 20515

Position Type: Contract

Interview Type: Phone or Skype or In-person

Requirement ID: CBONETW995PS

Candidate must have previous State Federal or other Government client experience

Description:

Department: IT Support Services for SENTRY

Description of Work (DOW) for:

Senior Network Engineering Services (SMA1)

1.1 Objectives

The Contractor shall provide Network Engineering Services that include designing implementing and maintaining secure network architectures that enforce Zero Trust principles including network segmentation micro-segmentation and least privilege access controls. The Contractor will ensure that all network devices including switches routers and perimeter systems are configured hardened and continuously monitored in accordance with federal security standards and industrys best practices. The Contractor shall provide advanced engineering operational and advisory support for the Congressional Budget Offices Cisco network environment. The objective of this support is to strengthen the security reliability and resilience of the network infrastructure while addressing identified Incident Response (IR) remediation requirements.

1.2 Scope of Work

The Contractor shall provide comprehensive engineering operational and advisory support to enhance secure and sustain CBOs enterprise network infrastructure. This effort is focused on remediating identified Incident Response (IR) findings strengthening network security posture and ensuring alignment with federal cybersecurity standards including NIST SP 800-53 NIST SP 800-207 (Zero Trust Architecture) and Cisco best practices. The Contractor shall design implement and maintain secure network architectures across CBOs Cisco-based environment including core distribution access and edge layers. This includes enforcing Zero Trust principles through network segmentation and micro-segmentation implementing least privilege access controls and integrating identity-aware network access mechanisms such as 802.1X.

The scope of work includes but is not limited to the following activities:

Enterprise Network Engineering: Design implement operate and optimize the Congressional Budget Offices Cisco-based network infrastructure including core distribution access and edge environments to ensure high availability scalability performance and resilience in support of mission requirements.
Network Security Architecture & Compliance: Implement and maintain network security controls aligned with NIST SP 800-53 NIST SP 800-207 (Zero Trust Architecture) and Cisco security best practices including continuous monitoring risk mitigation and network security posture management.
Network Access Control & Identity Integration: Engineer and enforce secure network access controls including 802.1X port-based authentication role-based access and integration with enterprise identity services to support Zero Trust principles and least-privilege access models.
Routing Switching & Infrastructure Services: Manage and support routing switching and network services (e.g. VLANs DNS DHCP VPNs) ensuring secure configuration optimal performance and alignment with organizational standards and policies.
Perimeter & Public-Facing Security: Secure and managing public-facing network infrastructure including firewalls remote access solutions and edge devices ensuring hardened configurations restricted access and continuous monitoring to prevent unauthorized access and external threats.
Network Monitoring & Security Operations Enablement: Implement and manage network monitoring logging and alerting capabilities integrating with enterprise SIEM and network detection and response (NDR) tools to enhance visibility threat detection and incident response readiness.
Vulnerability Management & Device Lifecycle: Establish and maintain a structured program for network device patching firmware updates vulnerability remediation and lifecycle management to ensure all infrastructure components remain secure compliant and supported.
Change Management & Documentation: Support formal change management processes maintain accurate network diagrams and configuration documentation and contribute to standard operating procedures to ensure transparency traceability and operational continuity.
Advisory & Technical Leadership: Serve as a senior technical advisor to CBO stakeholders collaborating with cybersecurity cloud and operations teams to resolve complex network issues improve architecture and support audits assessments and compliance initiatives.
Customer Service & Team Collaboration: Serve as the technical adviser for complicated service desk tickets and modifications to better support network operations while collaborating with cloud Microsoft engineering and cybersecurity teams.

1.2.1 Specific requirements / Tasks:

Implement and maintain network security controls aligned with NIST SP 800-53 including access control (AC) configuration management (CM) system and communications protection (SC) and audit and accountability (AU) control families.
Engineer and enforce Zero Trust network architecture principles in accordance with NIST SP 800-207 including network segmentation micro-segmentation and continuous verification of users and devices
Design and implement least-privilege network access controls ensuring role-based and identity-aware access across all network layers.
Deploy and manage 802.1X port-based network access control to prevent unauthorized device connectivity and enforce authentication at the network edge
Configure and maintain centralized logging and audit capabilities for all network devices ensuring logs are forwarded to enterprise SIEM platforms and retained in accordance with compliance requirements
Conduct continuous monitoring and vulnerability assessments of network infrastructure identifying risks and coordinating remediation in alignment with NIST Risk Management Framework (RMF) practices
Harden all network devices using secure configuration baselines (e.g. Cisco Secure Configuration Guides) including disabling unnecessary services enforcing strong encryption protocols and securing management interfaces
Secure public-facing and perimeter network assets by implementing strict ingress/egress filtering firewall rule optimization and multi-factor authentication for administrative access
Support incident response activities by providing network-level analysis containment actions (e.g. segmentation blocking malicious traffic) and forensic data collection
Establish and maintain secure network segmentation strategies to limit lateral movement and protect high-value assets and sensitive environments
Ensure all network changes follow formal change control processes with security impact analysis supporting compliance with NIST configuration management requirements
Lead or participate in security assessments audits and compliance reviews providing evidence documentation and remediation support as required
Continuously evaluate and enhance network security posture through adoption of emerging best practices threat intelligence and Cisco security innovations
Develop implement and maintain Network Standard Operating Procedures (SOPs); review and update all SOPs on at least an annual basis or as required to reflect changes in technology policy or security requirements
Document and maintain detailed hardware and configuration baselines for all network devices including Cisco switches routers firewalls and related infrastructure; conduct annual reviews and updates
Perform root cause analysis (RCA) for network incidents including performance degradation outages and security events; document findings and implement corrective and preventive actions
Establish implement and maintain automated network patch management and firmware update procedures in accordance with Cisco best practices and organizational security policies
Develop maintain and update comprehensive network diagrams that accurately reflect the CBO enterprise network architecture including cloud production and secure environments; review and update diagrams annually or as changes occur
Administer and troubleshoot enterprise DNS services including configuration changes issue resolution and performance optimization
Support continuous real-time monitoring of network infrastructure (24/7 operations) including integration with network management and security monitoring tools
Maintain accurate and up-to-date documentation of network configurations assets and operational procedures to support audit readiness and operational continuity

1.3 Key Personnel

The following role is anticipated to be required for this work and is considered Key Personnel in accordance with SOW paragraph 2.9.

Senior Network Engineer

1.3.1 Key Personnel Requirements

The Contractor shall provide personnel who meet the following specific requirements:

1.3.2 Required Credentials

The candidate(s) provided by the Contractor must have the following current credentials:

These (or their equivalent prior certifications) should have been maintained for a minimum of 5 years. Expired certifications or certifications never used professionally will not be considered.

1.4 Government Furnished Equipment and Information

Pursuant to SOW paragraph 2.5 Government-Furnished Property the Government will provide the following to perform the tasks outlined in this Description of Work

V Group Inc. is an IT Services company which supplies IT staffing project management and delivery services in software network help desk and all IT areas. Our primary focus is the public sector including state and federal contracts. We have multiple awards/ contracts with the following states: AR CA DE FL GA IL KY MD ME MI NC NJ NY OH OR PA SC TX VA and WA. If you are considering applying for a position with V Group or in partnering with us on a position please feel free to contact me for any questions you may have regarding our services and the advantages we can offer you as a consultant.

Please share my contact information with others working in Information Technology.

Website:

LinkedIn:

Facebook:

Twitter:

For more details please connect with Pawan Shrivastava at or email at Direct End Client: Congressional Budget Office Job Title: Senior Network Engineer Duration: 60 Months No. of Hours Per Week: 40 Hours Per Week Start Date: 08/15/2026 Location: Washington DC 20515 Position Type: Contract Int...

For more details please connect with Pawan Shrivastava at or email at

Direct End Client: Congressional Budget Office

Job Title: Senior Network Engineer

Duration: 60 Months

No. of Hours Per Week: 40 Hours Per Week

Start Date: 08/15/2026

Location: Washington DC 20515

Position Type: Contract

Interview Type: Phone or Skype or In-person

Requirement ID: CBONETW995PS

Candidate must have previous State Federal or other Government client experience

Description:

Department: IT Support Services for SENTRY

Description of Work (DOW) for:

Senior Network Engineering Services (SMA1)

1.1 Objectives

1.2 Scope of Work

The scope of work includes but is not limited to the following activities:

Enterprise Network Engineering: Design implement operate and optimize the Congressional Budget Offices Cisco-based network infrastructure including core distribution access and edge environments to ensure high availability scalability performance and resilience in support of mission requirements.
Network Security Architecture & Compliance: Implement and maintain network security controls aligned with NIST SP 800-53 NIST SP 800-207 (Zero Trust Architecture) and Cisco security best practices including continuous monitoring risk mitigation and network security posture management.
Network Access Control & Identity Integration: Engineer and enforce secure network access controls including 802.1X port-based authentication role-based access and integration with enterprise identity services to support Zero Trust principles and least-privilege access models.
Routing Switching & Infrastructure Services: Manage and support routing switching and network services (e.g. VLANs DNS DHCP VPNs) ensuring secure configuration optimal performance and alignment with organizational standards and policies.
Perimeter & Public-Facing Security: Secure and managing public-facing network infrastructure including firewalls remote access solutions and edge devices ensuring hardened configurations restricted access and continuous monitoring to prevent unauthorized access and external threats.
Network Monitoring & Security Operations Enablement: Implement and manage network monitoring logging and alerting capabilities integrating with enterprise SIEM and network detection and response (NDR) tools to enhance visibility threat detection and incident response readiness.
Vulnerability Management & Device Lifecycle: Establish and maintain a structured program for network device patching firmware updates vulnerability remediation and lifecycle management to ensure all infrastructure components remain secure compliant and supported.
Change Management & Documentation: Support formal change management processes maintain accurate network diagrams and configuration documentation and contribute to standard operating procedures to ensure transparency traceability and operational continuity.
Advisory & Technical Leadership: Serve as a senior technical advisor to CBO stakeholders collaborating with cybersecurity cloud and operations teams to resolve complex network issues improve architecture and support audits assessments and compliance initiatives.
Customer Service & Team Collaboration: Serve as the technical adviser for complicated service desk tickets and modifications to better support network operations while collaborating with cloud Microsoft engineering and cybersecurity teams.

1.2.1 Specific requirements / Tasks:

Implement and maintain network security controls aligned with NIST SP 800-53 including access control (AC) configuration management (CM) system and communications protection (SC) and audit and accountability (AU) control families.
Engineer and enforce Zero Trust network architecture principles in accordance with NIST SP 800-207 including network segmentation micro-segmentation and continuous verification of users and devices
Design and implement least-privilege network access controls ensuring role-based and identity-aware access across all network layers.
Deploy and manage 802.1X port-based network access control to prevent unauthorized device connectivity and enforce authentication at the network edge
Configure and maintain centralized logging and audit capabilities for all network devices ensuring logs are forwarded to enterprise SIEM platforms and retained in accordance with compliance requirements
Conduct continuous monitoring and vulnerability assessments of network infrastructure identifying risks and coordinating remediation in alignment with NIST Risk Management Framework (RMF) practices
Harden all network devices using secure configuration baselines (e.g. Cisco Secure Configuration Guides) including disabling unnecessary services enforcing strong encryption protocols and securing management interfaces
Secure public-facing and perimeter network assets by implementing strict ingress/egress filtering firewall rule optimization and multi-factor authentication for administrative access
Support incident response activities by providing network-level analysis containment actions (e.g. segmentation blocking malicious traffic) and forensic data collection
Establish and maintain secure network segmentation strategies to limit lateral movement and protect high-value assets and sensitive environments
Ensure all network changes follow formal change control processes with security impact analysis supporting compliance with NIST configuration management requirements
Lead or participate in security assessments audits and compliance reviews providing evidence documentation and remediation support as required
Continuously evaluate and enhance network security posture through adoption of emerging best practices threat intelligence and Cisco security innovations
Develop implement and maintain Network Standard Operating Procedures (SOPs); review and update all SOPs on at least an annual basis or as required to reflect changes in technology policy or security requirements
Document and maintain detailed hardware and configuration baselines for all network devices including Cisco switches routers firewalls and related infrastructure; conduct annual reviews and updates
Perform root cause analysis (RCA) for network incidents including performance degradation outages and security events; document findings and implement corrective and preventive actions
Establish implement and maintain automated network patch management and firmware update procedures in accordance with Cisco best practices and organizational security policies
Develop maintain and update comprehensive network diagrams that accurately reflect the CBO enterprise network architecture including cloud production and secure environments; review and update diagrams annually or as changes occur
Administer and troubleshoot enterprise DNS services including configuration changes issue resolution and performance optimization
Support continuous real-time monitoring of network infrastructure (24/7 operations) including integration with network management and security monitoring tools
Maintain accurate and up-to-date documentation of network configurations assets and operational procedures to support audit readiness and operational continuity

1.3 Key Personnel

The following role is anticipated to be required for this work and is considered Key Personnel in accordance with SOW paragraph 2.9.

Senior Network Engineer

1.3.1 Key Personnel Requirements

The Contractor shall provide personnel who meet the following specific requirements:

1.3.2 Required Credentials

The candidate(s) provided by the Contractor must have the following current credentials:

These (or their equivalent prior certifications) should have been maintained for a minimum of 5 years. Expired certifications or certifications never used professionally will not be considered.

1.4 Government Furnished Equipment and Information

Pursuant to SOW paragraph 2.5 Government-Furnished Property the Government will provide the following to perform the tasks outlined in this Description of Work

Please share my contact information with others working in Information Technology.

Website:

LinkedIn:

Facebook:

Twitter: