Sign upLog in

Senior Network Engineer – Cisco & Zero Trust Architecture

IMRI Technology & Engineering Solutions

Ashburn, Virginia

Apply
JOB DETAILS
SKILLS
802.1, Access Control, Analysis Skills, Architectural Design, Authentication, Best Practices, Change Management, Cisco Network Systems, Cloud Computing, Computer Firmware, Computer Security, Corrective Action, Cross-Functional, Customer Support/Service, DHCP (Dynamic Host Configuration Protocol), DNS (Domain Name System), Data Collection, DoD Clearance, Document Change Management, Documentation, Enterprise Architecture, Environmental Monitoring, Federal Compliance Regulations, Federal Government, Firewalls, High Availability, Identify Issues, Incident Response, Internet Security, Microsoft Product Family, Network Access Control (NAC), Network Administration/Management, Network Architecture/Engineering, Network Configuration Management, Network Design, Network Integration, Network Monitoring, Network Performance/Analysis, Network Routing, Network Security, Network Support, Network Switching, Network Systems, Network Traffic Analysis, Operational Audit, Remote Access, Risk Management, Risk Management Framework (RMF), Root Cause Analysis, Security Analysis, Security Attacks, Security Clearance, Security Information and Event Management (SIEM), Security Monitoring, Software Engineering, Software Patches, Standard Operating Procedures (SOP), Standards Development, Switching Architecture, Technical Leadership, U.S. National Institute of Standards and Technology (NIST), VLAN (Virtual Local Area Network), VPN (Virtual Private Network)
LOCATION
Ashburn, Virginia
POSTED
1 day ago

POSITION TITLE: Senior Network Engineer Cisco & Zero Trust Architecture

CLEARANCE REQUIREMENT: Must be eligible to obtain a Public Trust Tier 2 clearance or hold an active DoD security clearance

POSITION OVERVIEW:IMRI is seeking an experienced and strategic Senior Network Engineer to support a high-visibility federal customer environment. This role is responsible for leading the design, implementation, and sustainment of secure, enterprise network architectures built on Cisco technologies and aligned with Zero Trust principles. As a senior technical contributor and advisor, you will play a key role in strengthening network security, resilience, and operational performance, while supporting ongoing incident response remediation efforts and compliance with federal cybersecurity standards.

KEY RESPONSIBILITIES:

Enterprise Network Engineering & Operations

  • Lead the design, implementation, operation, and optimization of enterprise Cisco network infrastructure across core, distribution, access, and edge environments
  • Ensure high availability, scalability, performance, and resilience of mission-critical network systems
  • Perform advanced troubleshooting and root cause analysis (RCA) for network outages, performance issues, and security events

Network Security Architecture & Compliance

  • Implement and sustain network security controls aligned with NIST SP 800-53 and Zero Trust Architecture (NIST SP 800-207)
  • Drive Zero Trust adoption through network segmentation, micro-segmentation, and continuous verification strategies
  • Continuously assess and strengthen network security posture through monitoring, risk mitigation, and evolving best practices

Network Access Control & Identity Integration

  • Architect and enforce secure network access controls, including 802.1X port-based authentication, role-based access, and identity-aware networking
  • Integrate network access with enterprise identity services to support least-privilege access models

Routing, Switching & Infrastructure Services

  • Oversee routing, switching, and core network services, including VLANs, DNS, DHCP, and VPNs
  • Ensure secure configurations, optimal performance, and alignment with organizational standards

Perimeter Security & External Access Protection

  • Secure public-facing and edge network environments, including firewalls, remote access solutions, and perimeter devices
  • Implement strict access controls, ingress/egress filtering, and monitoring to defend against external threats

Monitoring, Logging & Security Operations Enablement

  • Establish and manage enterprise network monitoring, logging, and alerting capabilities
  • Integrate network infrastructure with SIEM and network detection and response (NDR) platforms to enhance visibility and threat detection
  • Support 24/7 operational monitoring environments and incident response readiness

Vulnerability Management & Device Lifecycle

  • Lead structured vulnerability management activities, including patching, firmware updates, and remediation
  • Maintain lifecycle management processes to ensure all network assets remain secure, supported, and compliant

Change Management & Documentation

  • Ensure all network changes follow formal change management processes, including impact and security analysis
  • Maintain detailed network diagrams, configuration baselines, and asset inventories
  • Develop and maintain Standard Operating Procedures (SOPs) to support audit readiness and operational continuity

Incident Response & Security Support

  • Provide network-level expertise during incident response activities, including traffic analysis, containment (e.g., segmentation, traffic blocking), and forensic data collection
  • Support audits, assessments, and compliance reviews by providing documentation, evidence, and remediation support

Technical Leadership & Collaboration

  • Serve as a senior technical advisor to stakeholders and cross-functional teams
  • Collaborate with cybersecurity, cloud, and Microsoft engineering teams to resolve complex challenges and improve network architecture
  • Act as an escalation point for advanced service desk issues and network-related initiatives

Key Technical Responsibilities

  • Implement and maintain security controls across NIST domains (AC, CM, SC, AU)
  • Enforce Zero Trust architecture (segmentation, micro-segmentation, identity verification)
  • Design and implement least-privilege, role-based network access controls
  • Deploy and manage 802.1X network access enforcement
  • Configure centralized logging with integration to SIEM platforms
  • Conduct continuous monitoring, vulnerability assessments, and RMF-aligned remediation
  • Harden network devices using Cisco Secure Configuration Guides and secure baselines
  • Secure perimeter infrastructure through firewall management, filtering, and MFA enforcement
  • Perform root cause analysis and implement corrective/preventive actions
  • Maintain automated patching and firmware lifecycle processes
  • Administer and troubleshoot DNS services within enterprise environments
  • Develop and maintain accurate, up-to-date network diagrams and documentation

REQUIRED QUALIFICATIONS:

  • Extensive experience with Cisco enterprise network engineering and operations
  • Advanced knowledge of routing, switching, and network architecture design
  • Demonstrated experience implementing Zero Trust principles and segmentation strategies
  • Strong understanding of NIST SP 800-53 and NIST SP 800-207 frameworks
  • Hands-on experience with firewalls, VPNs, network access control, and security technologies
  • Expertise with 802.1X, identity-based networking, and access enforcement
  • Experience integrating network infrastructure with SIEM and monitoring platforms
  • Proven ability to perform system hardening, vulnerability remediation, and compliance support
  • Strong analytical and troubleshooting skills, including root cause analysis
  • Experience supporting structured change management and documentation practices

PREFERRED QUALIFICATIONS:

  • Experience supporting federal agencies or highly regulated environments
  • Familiarity with Cisco Secure Configuration Guides and security hardening standards
  • Experience with NIST Risk Management Framework (RMF) processes
  • Knowledge of automated patch management and enterprise device lifecycle strategies

About the Company

I

IMRI Technology & Engineering Solutions

Resume Resources

Free Resume TemplatesFree Resume Builder