Apply on Employer Site

Leidos · 7 hours ago

Cyber Network Engineer

Lorton, VA

Full-time

Onsite

Senior Level, Lead/Staff

$108K/yr - $195K/yr

8+ years exp

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. The Cyber Network Engineer will be responsible for designing, implementing, and maintaining secure network infrastructure to support the Department of Homeland Security's cybersecurity and information assurance services.

ComputerGovernmentInformation ServicesInformation TechnologyNational SecuritySoftware

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Implement and maintain secure network architectures (e.g., segmentation, zoning, DMZs, zero-trust-aligned designs) in accordance with organizational policies and industry best practices

Support vulnerability management efforts by assisting with scans, reviewing network-related findings, and implementing remediation (e.g., ACL changes, firewall rule updates, network device patching)

Monitor network performance, availability, and security using enterprise monitoring tools; identify and resolve issues proactively

Create and maintain network documentation, including diagrams, IP address management, configuration baselines, and SOPs

Collaborate with cybersecurity, systems, and application teams to ensure network designs support security, performance, and scalability requirements

Participate in incident response activities involving network components (e.g., traffic captures, log analysis, isolation/containment actions)

Assist with audits and compliance activities by providing network configurations, evidence, and technical explanations as needed

Maintain all Body of Evidence (BOE) documentation for which they are the prime author for the duration of the contract. The Contractor shall update the documentation to correspond with product updates released in response to software updates and patches. The Contractor shall document all changes to the security posture of the system and provide those documents to the government for review and approval

Qualification

Cisco routingSwitchingPalo Alto firewallsNetwork security conceptsNetwork monitoring toolsVulnerability managementTroubleshooting skillsCloud environmentsAutomationScriptingIncident responseCommunication skillsCollaboration skillsDocumentation skills

Required

Bachelor's degree in Information Technology, Computer Science, Engineering, or related field and 8+ years of experience; or additional equivalent combination of education and experience may be considered in lieu of a degree

US Citizen, An active TS/SCI security clearance is required

5–8+ years of hands-on experience as a Network Engineer (or similar role) supporting enterprise networks

Strong experience with Cisco routing and switching (e.g., BGP, OSPF, EIGRP, VLANs, STP, EtherChannel, QoS) in medium-to-large enterprise environments

Demonstrated experience managing Palo Alto next-generation firewalls (including security policies, NAT, VPNs, and Panorama) and Cisco firewall/VPN solutions (e.g., ASA, Firepower)

Solid understanding of network security concepts: segmentation, least privilege, zero trust principles, IDS/IPS, NAC, and secure remote access

Familiarity with vulnerability management tools and processes, and the ability to interpret and act on scan results related to network devices

Experience with network monitoring and logging tools (e.g., SolarWinds, Splunk, ELK, or similar)

Strong troubleshooting skills across OSI layers 1–7, including packet capture and analysis (e.g., Wireshark)

Excellent written and verbal communication skills, with the ability to document and explain complex technical topics to both technical and non-technical stakeholders

Preferred

Current industry certifications such as Cisco CCNA/CCNP, Palo Alto PCNSA/PCNSE, Network+, Security+, CySA+, CISSP, or equivalent

Experience working in regulated or compliance-driven environments (e.g., FISMA, FedRAMP, NIST 800-53, HIPAA, PCI-DSS, etc.)

Experience supporting hybrid or cloud environments (e.g., AWS, Azure, GCP) including cloud networking and security services (VPCs, security groups, transit gateways, etc.)

Experience with automation and scripting for network tasks (e.g., Python, Ansible, PowerShell)

Experience with Zero Trust architecture and modern identity-centric security models