Team Lead Firewall Administrator

We are looking for a Team Lead Firewall Administrator to join our team in support of a program with a DoD customer.

Responsibilities Include:

• Provide overall supervision for vendor employees to include, but not limited to, planning, and managing the project professionally, ensuring that work is scheduled properly to obtain maximum use of resources; ensuring that accurate and timely reports are provided.
• Resolve problems, allocate resources, manage personnel, and monitor operation performance taking direction from the government to ensure complete satisfaction.
• Under general supervision, develop the requirements of a product from inception to conclusion.
• Develop required specifications for simple to moderately complex problems.
• Coordinate with the Vendor PM, TPOCs, and government user representatives to ensure accurate solutions and user satisfaction on technical matters.
• Provide input to the PM on the schedule, weekly and monthly reports, transition plan, 8570/8140 reports, IPR briefings, and kick-off meeting.
• Plan and deploy Enclave Boundary Defense systems and programs including firewall, proxy server, cloud services and other devices and applications.
• Plan and deploy De-Militarized Zones (DMZs) for each managed firewall as required.
• Provide onsite and remote support to boundary security and programs, which include Checkpoint Firewalls, Aviatrix Product Suite, various types of cloud security, security controls and any other platforms.
• Participate in the development, testing, and implementation of firewalls and proxy servers
• Verify devices are configured in accordance with DISA Security Technical Implementation Guides (STIGs).
• Product lifecycle management and upgrades to include installation of hotfixes, patches, and any other features to improve product performance.
• Evaluate and recommend firewall solutions for technology refreshes.
• Deploy and sustain new firewall solutions as prescribed by the government.
• Coordinate with Tier III support teams and government customers throughout design, planning, implementation, and sustainment phases.
• Research and provide quotes and documents necessary to renew licenses and equipment maintenance for firewall, proxy and cloud services.
• Maintain all current applicable firewall, proxy appliance and cloud services policies to include DoD. Participate in the development, implementation, and maintenance of a secure and effective means of remote access for employees who are working offsite.
• Develop and deliver briefings to the upper-level management as required on a variety of subjects relating to Enclave Boundary Defense.
• Provide firewall troubleshooting (24x7x365 on-call support).
• Review and resolve automated firewall log issues as to threats or possible compromises.
• Provide daily maintenance and support for all Enterprise Boundary Defense systems including monitoring system and log files.
• Review and resolve automated firewall log issues as to threats or possible compromises.
• Notify appropriate personnel of possible threats or systems vulnerabilities.
• Respond appropriately to reported or identified incidents in accordance with the Incident response plan.
• CSP Security Posture Assessment:Conduct comprehensive security assessments of existing and planned CSP deployments, identifying vulnerabilities and recommending remediation actions aligned with industry best practices and relevant security frameworks (e.g., NIST CSF, CIS and Benchmarks).
• Security Architecture Documentation, Design and Implementation:Document, design, implement, and maintain secure network architectures for CSP environments, including secure connectivity, network segmentation, intrusion detection/prevention systems (IDS/IPS), and data loss prevention (DLP) solutions. Maintaining comprehensive documentation of security controls, configurations, and processes within the CSP environment.
• Cloud Security Operations and Monitoring:Provide continuous security monitoring and incident response capabilities for CSP environments, including log analysis, threat intelligence integration, vulnerability management, and incident response planning and execution.
• Audit, Compliance and Governance:Ensure compliance with relevant security regulations and standards (e.g., FedRAMP, FISMA, NIST) for CSP environments, including documentation, reporting, and audit support. Cooperating fully with authorized Government audits and assessments of the CSP environment, providing timely access to documentation, systems, and personnel. Follow DoD Cloud Computing Security Requirements Guide (SRG) and other applicable DoD issuances and instructions.
• Training and Knowledge Transfer:Provide training and knowledge transfer to Government personnel on best practices for securing CSP environments, covering topics such as cloud security fundamentals, secure configuration, threat detection and response, and incident management.

Required Skills, Qualifications, and Experience:

• Experience:
  
  
  
  • Five (5) years relevant experience to include:
    
    
    
    • Working knowledge and understanding of CheckPoint firewalls to include versions R80.40 and R81.10 and industry standard network environments to include firewall and security hardware/software. Must have knowledge and understanding of Information Assurance Best Practices.
    • In depth knowledge of LAN and WAN operations, understanding of how to use Incident Ticket Tracking systems for inputting incident tickets and creating work orders along with a comprehensive knowledge of DOD and DLA security regulations, guidelines, and policies to include, but not limited to, IA standards.
    • Hands-on experience with the installation, configuration, and day-to-day sustainment of network equipment, to include but not limited to firewalls, proxy servers, cloud services and other network appliances.
    
    
    
    
  • Security Clearance:
    
    
    
    • Must possess IT-I Critical Sensitive security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC).
    • Clearance Required: DoD Secret
    
    
    
    
  • Certifications:
    
    
    
    • IAT Level II certification or higher (must have one of the following): CCNA Security, CySA+, GICSP, GSEC, Security+CE, CND, SSCP, CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH, or CCSP.
    • Computing Environment (must have one of the following): CCSA, CCSE or CCSM
    
    
    
    
  • Location:
    
    
    
    • Candidates must reside within a commutable distance of one of the following locations in order to work onsite full time: Columbus, OH; Fort Belvoir, VA; or New Cumberland, PA.
    
    
    
    
  
  
  
  

Preferred Qualifications:

• One of the following: AWS Cloud Practitioner, Microsoft Certified: Azure Fundamentals, or Comp TIA Cloud+

Work Environment and Physical Demand:

• Must be able to lift up 50 lbs.

Compensation: $90,000+