LEAD FIREWALL/PERIMETER SECUR ENGINEER

at  Navy Exchange Service Command

Job Number: 250000CX
Primary Location: United States-Virginia-Virginia Beach
Organization: NEXCOMHQ
Pay Range: $78,753 to $99,961 Based upon experience
Job Summary: Lead Network Specialist responsible for overall enterprise-wide security controls including evaluation planning design installation administration and support of IT security systems including hardware configurations appliances software services and troubleshooting for assigned NES activities. Is a top-level technical contributor with advanced knowledge and experience in the area of network security technologies and related hardware software. Responsible for overall review and monitoring of the security for IT security enterprise-wide. Responds to incidents that may impact enterprise security. Works to identify risk elements and offers solutions to mitigate that risk.

Incumbent of this position must be U.S. Citizen.

• Studies vendor products to determine those that best meet organizational needs. Performs cost-analysis of proposed implementations. Presents information to management, which may result in purchase of hardware and software to support the networking enterprise environment from an IT infrastructure security perspective.
• Responsible for research and development of new technologies used to secure NEXCOM’s local and wide area network, workstation and servers. Responsible for security design and testing new products to determine the most advantageous means of implementing and integrating the equipment with current IT infrastructure.
• Manage, monitor, and identify risk for all NEXCOM Internet, Intranet, and Extranet activities. Identify security exposures that may currently exist or may pose a potential future threat to the NEXCOM enterprise. Propose solutions.
• Lead and mentors team and staff members regarding enterprise IT infrastructure security.
• Participates in a 24-hour/7day on-call rotation for IT infrastructure security.
• Complies with DoD, DoN, NAVSUP, PCI, NEXCOM and industry best security practices, standards, and policy directives.
• Establish, configure and maintain both the internal/trusted network and service network security standards and polices. Establish appropriate firewall and proxy server policies, both inbound and outbound.
• Serves as the main point of contact for IT network security related projects which are identified by the command.
• Leads team to configure, maintain, and manage all IT security-related devices including Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Firewalls, Proxy Servers, SFTP servers, etc.
• Provides monitoring and analysis on the output of security devices, including logs, application output, etc. and providing reporting to all levels within the command on risk identification and assessment.
• Acts as a member of the Incident Response Team, identifying the threat, and taking the proper steps to correct the problem.
• Stays current on security threats, mitigation, and technology, and provides recommendations to all levels of the Information Systems department.
• Performs other duties as assigned.

GENERAL EXPERIENCE: 3 years of experience in administrative, technical work, which demonstrated the ability and aptitudes required to perform technical, managerial, or analytical work and coordination involving management information systems.
OR
SUBSTITUTION OF EDUCATION FOR EXPERIENCE: 1 year of academic study above the high school level may be substituted for 9 months of experience, up to a maximum of a 4 year bachelor’s degree for 3 years of general experience.