Network Security Assurance & Remediation Analyst

DNI is providing Network Support to all of the Indian Health Services facilities across the nation. This is a direct hire/salary position with excellent benefits, and outstanding compensation including full medical, dental, 401K, vacation and holiday pay.

The Network Security Assurance & Remediation Engineer works closely with Compliance and Cyber Security teams to identify and remediate issues within the agency’s Enterprise Network Infrastructure. The agency network infrastructure includes Wide Area Networks, Local Area Networks and Wireless networks connecting approximately 400 sites. These networks are interconnected to enable secure connectivity and protected at the network perimeter through the use of firewalls and Intrusion Prevention Systems (IPS). As a member of Network Operations, this person should have a solid understanding of Federal Security Controls and how to proactively identify current and potential issues in the future. This role will require critical and analytical thinking as well as solid firewall and network engineering experience to perform remediation. This person will also provide technical guidance and mentorship to junior engineers on security assessment and remediation efforts.

As a key participant within a cohesive network engineering team, you will share responsibilities for conducting network infrastructure Security Assessments supporting a continuous Approval to Operate (ATO) for the agency’s network infrastructure so it can carry out its mission of supporting healthcare operations. An additional area of responsibility includes a lead management role for the agency’s Continuous Diagnostics & Mitigation (CDM) environment and the implementation of Network Access Control (NAC).

10% Planning & Analysis - STRATEGIC

• Researches and analyzes business trends and behavioral data to identify opportunities for improvements and new initiatives
• Drives the evaluation, development, and recommendation of specific technology products and platforms to provide cost-effective solutions that meet business and technology requirements
• Researches and designs best fit infrastructure, network, database, and security architectures for products

30% Delivery & Execution - TACTICAL

• Drives security configuration and support for network infrastructure, firewalls and CDM environment (STIG comparisons for baselining network security configuration profile)
• Drives the stand up of necessary security system software, hardware, and equipment (physical or virtual) to meet changing infrastructure needs
• Proactively creates and maintains tools for monitoring and support
• Participates in project planning and reporting across multiple efforts

50% Support & Enablement

• Collaborates with product and project teams to understand needs and enable them with infrastructure
• Supports technology architecture design review efforts for project and product teams
• Leverages tooling and custom applications to monitor the operational status of applications, infrastructure, networks, databases, and security; optimizes and tunes performance as appropriate
• Drives root cause analysis, debugging, support, and post-mortem analysis for security incidents and related service interruptions
• Maintains, upgrades, and supports existing CDM and/or security infrastructure to ensure operational stability
• Opens and manages vendor problem tickets to resolution
• Drives the production of in-house documentation around solutions
• Monitors tools and proactively helps teams diagnose systems issues
• Provides application support for software running in production
• Creates scripts and tools that drive automation and enable product teams and end users to move towards self service
• Review network infrastructure device compliance with base line configurations modeled on the Center for Internet Security (CIS) or Security Technical Implementation Guides (STIG) best practices for securing IT systems and data.

• Preferred Qualifications:

  • Network Routing & Switching
  • Security incident response participation experience is required.
  • Practical experience with firewall configuration & policy - preferably Palo Alto
  • Linux administration
  • Practical understanding of Wireshark Packet capture & analysis
  • Ability to conduct Firewall traffic log analysis & reporting in collaboration with network engineers.
  • Process and procedure assessment & development
  • Experience in CDM & NAC - Cisco ISE for authentication and ForeScout for CDM operations
  • Security Configuration management for network devices
  • Vulnerability management for network devices
  • Security analysis skills and ability to correlate data from multiple sources to drive decisions and outcomes.
  • Firewall policy lockdown and hardening experience based on least privilege principles or with Zero Trust architecture. Firewall Policy lockdown is based on deny by default, permit by exception access policies.

  Additional Qualifications:

  • Federal Information Security Modernization Act (FISMA)
  • The National Institute of Standards and Technology (NIST) publication applicable to network security
  • Microsoft Azure security familiarity
  • Audit Controls
  • Experience building Splunk dashboards
  • IT Governance Frameworks ITIL, COBIT
  • STIG Controls
  • Experience with DDoS protection
  • Experience with Cisco or Palo Alto Firewalls

  Knowledge, Skills, Abilities and Competencies:

  • Action Oriented: Taking on new opportunities and tough challenges with a sense of urgency, high energy, and enthusiasm
  • Collaborates: Building partnerships and working collaboratively with others to meet shared objectives
  • Communicates Effectively: Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences
  • Cultivates Innovation: Creating new and better ways for the organization to be successful
  • Drives Results: Consistently achieving results, even under tough circumstances
  • Global Perspective: Taking a broad view when approaching issues; using a global lens
  • Interpersonal Savvy: Relating openly and comfortably with diverse groups of people
  • Manages Ambiguity: Operating effectively, even when things are not certain or the way forward is not clear
  • Nimble Learning: Actively learning through experimentation when tackling new problems, using both successes and failures as learning fodder
  • Self-Development: Actively seeing new ways to grow and be challenged using both formal and informal development channels
  • Situational Adaptability: Adapting approach and demeanor in real time