WAN Security Engineer

Overview Working across the globe, V2X builds smart solutions designed to integrate physical and digital infrastructure from base to battlefield. We bring 120 years of successful mission support to improve security, streamline logistics, and enhance readiness. Aligned around a shared purpose, our $3.9B company and 16,000 people work alongside our clients, here and abroad, to tackle their most complex challenges with integrity, respect, responsibility, and professionalism. WAN Security Engineers support Enterprise-class network security technologies, which include network firewalls, web proxy appliances, and Network Access Control solutions for the RCC-SWA. The WAN Security Engineers are responsible for the operations and maintenance (O&M) of the enterprise-class network security technologies, including troubleshooting, optimization, administration, change management, and technical documentation. The core network technologies include Cisco ASA Firewalls, Cisco DMZ Switches, Broadcom BlueCoat, VPN Concentrators, and Cisco Secure Access Control System. The engineer will work on site alongside the Security Operations team to become thoroughly familiar with unique processes and requirements relative to the Department of Defense (DoD) specific configurations and challenges. Program: OMDAC-SWACA This position offers company-paid housing and transportation, a completion bonus, and a tuition reimbursement program! You must satisfy all host country requirements to legally work in the host country to be qualified for this position. Responsibilities

1. Provide enterprise-level customer support for all requests to modify network firewall access-lists.
2. Manage access control to all network devices in the theater.
3. Troubleshoot and resolve web browsing issues.
4. Support requests for services hosted in the demilitarized zones (DMZ).
5. Assist with identifying malicious web activity.
6. Ensure that all technologies that are managed are compliant with all current DISA Security Technical Implementation Guides (STIGs).
7. Perform regular system maintenance in support of IAVA vulnerabilities and CCRI Compliance.
8. Provide network security policy recommendations, project planning, change control, firewall management, and access control list (ACL) management.
9. Have extensive knowledge in certificate-based authentication for VPN Concentrators to allow Virtual Private Network (VPN) connections.
10. Create and maintain BlueCoat ProxySG web filtering policy, BlueCoat Reporter database, and BlueCoat Content Analysis System (CAS) scanning definitions.
11. Possess working knowledge of proxy servers and security (Web Cache Communication Protocol, browser interaction, and filtering/authentication).
12. Demonstrate proven ability to troubleshoot TCP/IP layer issues via PCAP and SSL/TLS issues via Policy-Trace on the Bluecoat and/or PCAP software such as WireShark.
13. Support authentication, authorization, accounting (AAA) & auditing for all network devices and maintain records for accounts in Cisco ACS.
14. Knowledge and ability to troubleshoot routing protocols: EIGRP, RIP, OSPF, BGP, and MPLS.
15. Ability to implement standard and extended access-lists.