Senior Network Engineer

Network Engineer (Sr.) Description/Role: Gathers user network requirements utilizing multiple methodologies to provide necessary technical documentation, system requirements documents, systems security requirements documents, and system test plan. Install, maintain, and evaluate network systems and communications systems. Troubleshoot and resolve network issues involving various protocols, topologies, networking hardware, etc. Provide support with network architecture design, feasibility, and cost studies. Utilize knowledge of internetworking, computer systems, routers, switches, firewalls, and peripherals to enhance understanding of current network designs and to collaborate with other team members to develop new network designs. Apply technical and business experience and understanding to improve processes and procedures for deploying and maintaining network infrastructure. Work independently and collectively to help improve network solutions and contribute to network service improvements. Responsible for design, deployment, testing, certification, patching, and addressing interoperability issues for all features, components, and application dependencies. To include switches, firewalls, load balancers, software defined networking, private cloud requirements, etc. Plans and performs network engineering research, design development, and other assignments in conformance with network design, engineering, and customer specifications. Works with a team of network engineers through project completion. Responsible for major technical/engineering projects of higher complexity and importance than those normally assigned to lower-level engineers.

This Task Area requires contractor personnel to have knowledge and experience in designing, acquiring, testing, deploying, and managing a large-scale network. A strong emphasis is placed on internetworking routing protocols, Internet, and large-scale network security architectural. Contractors knowledge of Multi-Protocol Label Switching, Virtual Private Networking (VPN) and private Internet Protocol networks is required. The contractor must have knowledge of telecommunications carriers, Internet Service Providers and Layer 2 Providers. This task area will support DOIs remote network access. The ESN Support contractor personnel are to:

• Serve as a technical expert and as a leader for Enterprise Engineering and Network Support Services agency wide.

• Create strategic roles, define strategy, and architecture to guide and constrain enterprise deployment of cloud systems and applications.

• Demonstrate deep practical experience in cloud networking integration and technology system

• Identification and development of lifecycle process. Create a cohesive approach to Network Engineering and Enterprise Network Systems Management.

• Have expertise in cloud computing, current application/system migration strategies, and computing trends.

• Have knowledge of cloud security, cloud networking integration, cloud data analytics, Machine Learning, and any Artificial Intelligence capabilities across mission areas. Have expertise in technical capabilities needed to enable zero trust architectures as outlined in Executive Orders, National Institute of Standards and Technology (NIST) guides, Technical Configurations, and Zero Trust Architectures.

• Show a deep understanding of network service routing supportive of implementing zero trust architecture-based capabilities.

• Manage, plan, design, develop, modify, implement, and monitor a wide variety of telecommunications service applications and associated software.

• Have implementation experience with cloud-based telephony (Microsoft Teams), video conferencing systems, mobile devices, and special category telecommunications.

• Work with customers and staff to define and recommend non-standard telephony requirements (e.g. non-traditional networking, microwave, cellular, analog phone lines, satellite connections, and non-attributed technologies), develop reasonable options, and conduct market research in the development of such recommendations and solution options. Assess solution options and support the implementation of these services or other services required and defined by the Government.

• Perform systems analysis and assessment to assure technical compatibility of new services or solutions with existing systems to maintain a secure and cohesive infrastructure.

• Have experience working with internal management stakeholders, vendors, and customers to provide technical input to the Government on new solutions and options, and to ensure services are delivered as required.

• Develop state-of-the-art techniques and approaches. Recommend hardware, software system control program changes, and overall telecommunications systems designs and configurations required in computer-to-computer networks for general-purpose telephony, secure telephony, and unified communication systems.

• Provide recommendations, suggestions/advice, and technical support on telecommunications systems. Serve as a systems technical expert for inquiries.

• Support users, staff, partners, and contractor personnel in all aspects of network processing, system and application design configurations, implementation planning, and installation/deinstallation of a wide range of telecommunication equipment, ranging from standard analog/digital telephone services to cloud-based communications technologies.

• Aid in determining site needs for additional hardware and software and providing recommended solutions to the Government to assist in requirements document preparation.

• Advise and provide recommendation on a variety of situations and issues that involve applying or adapting new techniques and concepts. Serve as a senior expert and consultant to mid-level and executive management, to provide suggestions/advice on integrating network systems with other mission support.

Responsibilities Include:

• System Upgrades - Creating the model system build for any new system changes.

• Testing new software - Adding new remote access related software.

• STIGS - Create Security Technical Implementation Guidelines (STIGs) for the remote access methods.

• Consulting services provide recommendations with requirements developing new or additional remote access services.

• Security testing provide recommendations with building and maintaining security testing tools related to remote access services.

• Remote Access arrangements and VPN Implementation Management - Using the overarching remote access strategy defined by the government, the contractor is to support installation and maintain the necessary components to securely terminate remote connections from the Internet. Responsible for configurations, testing and certifying an enterprise solution. Develop a plan to certify certain applications for use with the remote access system. Maintain a central repository of certified applications. Establish a process to keep repository accurate and up to date. Develop upgrade plans and strategies to implement HSPD-12 2-Factor Authentication.

• Mobile Remote Access Implementation Provide documented guidance to users of the remote access system in the proper use of capabilities. Provide training and education to bureau representatives in how to implement system components in their individual environments.
• Provide Tier 2 support in troubleshooting connectivity and usability issues. Recommend configuration settings to establish secure connectivity.
• Authentication and Authorization Implementation Provide technical support and guidance to Enterprise Active Directory Team to facilitate user authentication and authorization service as well as integration techniques used to deploy remote user credentials against an Enterprise Active Directory service.
• Remote Access Security Documentation Provide all documentation necessary for the remote access installations to meet Certification and Accreditation (CCA) requirements sufficient to assure their inclusion within the Enterprise Services Network CCAS
• Contractor Skills, Experience, and Ǫualifications Requirements: To meet the requirements of this effort and Task Area, the contractor shall provide personnel with expertise and experience with the following:
• • Cisco routing expertise (e.g., Open Shortest Past First (OSPF) protocol, Border Gateway Protocol (BGP) 4).
    
  • Fortinet routing expertise (e.g., Open Shortest Past First (OSPF) protocol, Border Gateway Protocol (BGP) 4).
    
  • Knowledge of router and switches sufficient to select appropriate equipment and produce physical design.
    
  • Expert knowledge of Internet Protocol (IP) v4 and IPv6.
    
  • Knowledge of VPN terminating equipment and client design. Specific knowledge of Cisco IPsec products and features.
    
  • Juniper Firewall.
    
  • Knowledge of access servers and access protocols such as radius and Terminal Access Controller Access Control System (TACACS) as well as authentication principles and backend user database integration. Network security knowledge to design and configure VPN access controls (Cisco and Juniper VPN configuration).
    
  • Knowledge of remote access technologies, such as Satellite and modem connectivity.
    
  • Knowledge of 2-Factor Authentication implementation.
    
  • Knowledge of Active Directory services for use in VPN user authentication
    
  • Knowledge of Network Cloud integration.
    
  • Knowledge of Zero Trust Architectures and Principles.
  • Knowledge of SASE controls and protocols.
  • Knowledge of IT Network Infrastructure.
  • Knowledge of WIFI Networks.
  • Knowledge of WIFI technologies, specifically the HP-ARUBA Secure Wireless Networks and Cisco.
  • Knowledge of Microsoft Office 365 automation products, including MS-Word, MS-Excel, MSPowerPoint, and MS-Project.
  • Knowledge of Microsoft Office 365 products, including email and calendars, and native Microsoft documents, presentations, spreadsheets, forms, and development and maintenance of Microsoft Office 365 sites.
  • Knowledge of Microsoft InTune.