Overview

Working across the globe, V2X builds smart solutions designed to integrate physical and digital infrastructure from base to battlefield. We bring 120 years of successful mission support to improve security, streamline logistics, and enhance readiness. Aligned around a shared purpose, our $3.9B company and 16,000 people work alongside our clients, here and abroad, to tackle their most complex challenges with integrity, respect, responsibility, and professionalism.

WAN Security Engineers support Enterprise-class network security technologies, which includes network firewalls, web proxy appliances, and Network Access Control solutions for the RCC-SWA. The WAN Security Engineers are responsible for the operations and maintenance (O&M) of the enterprise-class network security technologies, to include, troubleshooting, optimization, administration, change management and technical documentation. The core network technologies include Cisco ASA Firewalls, Cisco DMZ Switches, Broadcom BlueCoat, VPN Concentrators, and Cisco Secure Access Control System. The engineer will work on site alongside the Security Operations team to become thoroughly familiar with unique processes and requirements relative to the Department of Defense (DoD) specific configurations and challenges. Program: OMDAC-SWACA

This position offers company-paid housing and transportation, a completion bonus and tuition reimbursement program!

You must satisfy all host country requirements to legally work in the host country in order to be qualified for this position.

Responsibilities

• Provide enterprise-level customer support for all request to modify network firewall access-list.

• Manage access control to all network devices in the theater

• Troubleshoot and resolve web browsing issues

• Support request for services hosted in the demilitarized zones (DMZ)

• Assist with identifying malicious web activity.

• Ensure that all technologies that are managed are compliant with all current DISA Security Technical Implementation Guides (STIGs).

• Perform regular system maintenance in support of IAVA vulnerabilities and CCRI Compliance.

• Provides network security policy recommendations, project planning, change control, firewall management, and access control list (ACL) management.

• Extensive knowledge in certificate-based authentication for VPN Concentrators to allow Virtual Private Network (VPN) connections.

• Create and maintain BlueCoat ProxySG web filtering policy, BlueCoat Reporter database, and BlueCoat Content Analysis System (CAS) scanning definitions.

• Working knowledge of HTTP/S proxy servers and security (Web Cache Communication Protocol, browser interaction, and filtering / authentication.

• Proven ability to troubleshoot TCP/IP layer issues via PCAP and SSL/TLS issues via Policy-Trace on the Bluecoat and/or PCAP software such as WireShark.

• Support authentication, authorization, accounting (AAA) & auditing for all network devices and maintain records for accounts in Cisco ACS.

• Knowledge and ability to troubleshoot routing protocols: EIGRP, RIP, OSPF, BGP, and MPLS.

• Ability to implement standard and extended access-lists.

• Ability to make accurate and independent decisions under pressure.

• Experience with a customer service-oriented company.

• Excellent organizational, interpersonal, written, and verbal communication skills.

• Ability to perform comfortably in a fast-paced, deadline-oriented work environment.

• Ability to successfully execute many complex tasks simultaneously.

• The work environment will be 95% indoor and 5% outdoor.

• Perform additional duties as assigned.

Qualifications

• Qualification:

• Education / Certifications: One year of related experience may be substituted for one year of education if degree is required.

• Bachelors Degree or equivalent experience preferably in Computer Science or MIS, IS, Engineering or related field.

• This position requires candidates to adhere to DoD 8570.01. All candidates are required to maintain at least one (1) baseline certification and one (1) computing environment (CE) certification. Baseline certifications cannot also be used as a Computing Environment (CE) certification. The authorized certifications for this job title are listed as follows:

• IAT Level: IAT III

• BASELINE:

• Cisco: CCNP Security (Cannot be used as a dual qualifier)

• CompTIA: CASP+ ce: Advanced Security Practitioner

• GIAC: GCED: Certified Enterprise Defender

• GIAC: GCIH: Certified Incident Handler

• ISACA: CISA: Certified Information Systems Auditor

• ISC2: CCSP: Certified Cloud Security Professional

• ISC2: CISSP (or Associate): Certified Information Systems Security Professional

• COMPUTING ENVIRONMENT (CE):

• Blue Coat: BCCPP: Certified Proxy Professional

• Cisco: CCIE: (Any)

• Cisco: CCNP: Certified Network Professional (Any)

• Microsoft: 365 Certified: Enterprise Administrator Expert

• Microsoft: Certified: Azure Database Administrator Associate

• Microsoft: Certified: Azure Security Engineer Associate

• Microsoft: Certified: Azure Solutions Architect Expert

• Microsoft: MCSA: Windows Server 2016

• Microsoft: MCSE: Cloud Platform and Infrastructure

• Microsoft: MCSE: Core Infrastructure

• Microsoft: MCSE: Data Management and Analytics

• Microsoft: MCSE: Productivity Solutions Expert

• Experience: One year of related academic study above the high school level may be substituted for one year of experience up to a maximum of a 4-year bachelor's degree in a Software Engineering or Business Information Systems discipline for three years general experience.

• Minimum of 10 years of experience in demonstrating the ability and aptitudes, required to perform technical, managerial, or analytical work.

• Coordinate enterprise network equipment & software platforms including a combination of the following: Cisco ASA Firewalls, Cisco Firepower Next Gen Firewall, Cisco Secure Firewall Management Center, Symantec BlueCoat, Cloud-Based Internet Isolation Solutions, and Cisco Identity Services Engine (ISE).

• Skills:

• Proficiency using a combination of the following platforms:

• Cisco devices (i.e., Cisco ASA, ASRs, & 3700 series switches)

• Symantec BlueCoat (i.e., ProxySG series

• Director & Content Analysis System)

• Cisco Secure Access Control System

• Cisco AnyConnect, and Cisco ASA CLI & ASDM

  We are committed to an inclusive and diverse workplace that values and supports the contributions of each individual. This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace. Vectrus is an Equal Opportunity /Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, protected veteran status or status as an individual with a disability. EOE/Minority/Female/Disabled/Veteran.