-
Senior Network Engineer
- Koniag Government Services (Chantilly, VA)
-
**Eagle Harbor Solutions,** a Koniag Government Services company, is seeking a Senior Network Engineer to support EHS and our government customer. This is a Remote opportunity. _This position can be remote but requires travel to the locations listed._
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
Network Engineer shall serve as a subject matter expert for IT Telecommunication Systems as the point of contact for creating, maintaining, and updating, the UCB ICS networks.
Essential Functions, Responsibilities & Duties may include, but are not limited to:
+ Responsible for the design of the SCADA network and overseeing all related activities related to deployment and commissioning of the ICS networks.
+ Reviews and provide configuration recommendations for all ICS network equipment. Prepares and provides documentation on ICS network as directed.
+ This is a remote position and will require travel to perform on-site visits, assessments, and tasks.
Experience:
+ Experience with CISCO routing and switching infrastructure, CISCO ASA Firewalls, CISCO IOS NetFlow, SolarWinds suite for monitoring tracking and maintaining infrastructure, Nessus, and Wireshark is highly desired.
+ Support the Glen Canyon ICS-Operations group, located in Page, Arizona, in ICS network related tasks as described herein.
+ Conducting a comprehensive assessment of the existing ICS networks.
+ The assessment involves identifying the current network configurations and available infrastructure, analyzing traffic patterns, and reviewing security measures and documentation.
+ Subsequently, the engineer will design a modernized network architecture that incorporates standard network security practices, such as centralized logging, intrusion detection system (IDS), and management and monitoring tools.
+ The design will ensure the network meets NERCCIP and FISMA regulatory standards and applies security best practices and controls in accordance with the NIST SP 800 series.
+ Advise and aid in the procurement, installation, configuration, and testing of network devices.
+ Assist with the coordination to properly interface equipment with Western, the WAN service provider, and provide guidance to ensure successful integration.
+ Ensure effective knowledge transfer to enable Reclamation to operate and maintain the ICS networks.
+ Support Reclamation in other areas pertaining to network engineer, such as the development of compliance documentation, policies, and procedures.
+ Serve as a subject matter expert and point of contact for creating, maintaining, and updating, the UCB ICS networks.
+ Provides expert advice, counsel, and instruction to employees, supervisors, and management on issues pertaining to CRSP ICS network and the administration of it.
+ Ensure continuous performance of the ICS networks by analyzing, monitoring, and optimizing the network’s performance and security.
+ Follow Reclamation’s change management processes, test all changes in a representative test environment before implementation in production, identify and resolve technical issues after implementation of changes, as-well as identify and provide recommendations for violation resolutions, and log activity.
+ Provide system security contributions to:
+ System security assessments and plans to assure the inclusion of the network security plans and posture.
+ Authority and Assessment process and documentation.
+ Identify and aid in the mitigation of network security vulnerabilities and risks.
+ Participates in the resolution of Plan of Action and Milestones (POAMS) items relating to infrastructure service areas while coordinating with UCB Cyber Security group and ISSOs.
+ Perform a network assessment and requirements analysis to understand the specific needs and requirements of the ICS networks, such as available infrastructure, bandwidth, latency, redundancy, and security to develop system requirements.
+ Provide Network Assessment Report for Reclamation’s Review and Approval.
+ Design and provide a modernized SCADA Network Design that shall be in accordance with the requirements of the task order.
+ Responsible for the design of the modernized SCADA network.
+ Collaborate with Reclamation’s design team in charge of the SCADA Modernization project to share information regarding the network design and collect information on the SCADA end-point devices to facilitate an inclusive design.
+ The SCADA network design shall support near real-time data communication between remote sites and control centers.
+ Incorporate network equipment redundancy at Reclamation’s control centers and configure mechanisms to ensure high availability and fault tolerance.
+ Perform capacity planning to ensure adequate resources are provided for scalability.
+ Ensure that the CRSP SCADA ICS network complies with FISMA, NIST, NERCCIP and relevant industry standards.
+ Apply Reclamation system security policies and procedures, STIGs, and Standard Operating Procedures on all new and existing equipment and systems.
+ Implement measures, through network design, software, and equipment configurations, to protect the SCADA ICS network from internal and external cyberattacks.
+ Establish QoS policies to prioritize critical traffic over non-critical data on the network.
+ Identify any potential weaknesses in the designed network that cannot be addressed in the network design and provide a justification as to why and potential mitigations.
+ Provide comprehensive Network Design Documentation encompassing the architecture, infrastructure, equipment and configurations for Reclamation’s Review and Approval.
+ Provide network equipment procurement support.
+ Collaborate with vendors to identify the appropriate network equipment and software.
+ Develop a comprehensive Bill of Materials (BoM) required to implement the SCADA Network Design for Reclamation’s Review and Approval.
+ The BoM will be provided to Reclamation’s procurement team to acquire.
+ Assist Reclamation in developing a procurement package.
+ Assist Reclamation in the review of vendor submittals related to the procurement of network equipment and materials.
+ The review will assess the technical adequacy of the submittal to ensure equipment meets the design intent.
+ Provide a written response detailing the findings and recommendation within 10 business days of the request to evaluate.
+ Develop a Deployment Plan that defines the tasks, schedule, milestones, and resources for the installation and configuration of equipment and software for the SCADA network.
+ Leads or perform installation and implementation activities in accordance with the Deployment Plan.
+ Provide configurations for routers, switches, firewalls, and other network devices to for the ICS networks.
+ Provide installation guidance for ICS network equipment.
+ Resolve integration issues related to the implementation of the networks and network equipment.
+ Guide the implementation and configuration of security measures such as access control, intrusion detection systems, and firewalls to protect against cyber threats
+ Guide the deployment of the SIEM, IDS and other network monitoring tools to continuously monitor network performance and detect anomalies.
+ Backup and Recovery Procedures for network components to ensure data integrity and system resilience, submit to Reclamation for Review and Approval.
+ Provide a preliminary Asset Inventory and Configuration Files for Reclamation’s Review and Approval prior to deployment of network devices.
+ Lead and/or perform network and network equipment implementation and commissioning activities.
+ Site Acceptance Test (SAT) Plan
+ Site Acceptance Test Report
+ Provide system documentation contributions to:
+ Review and evaluate network procedures and policies.
+ Review and update existing network standard operating procedures (SOP) or manuals.
+ Accountable for the development, maintenance, and quality assurance of comprehensive documentation.
Education / Certifications:
+ Bachelor’s degree in computer science, information technology or a related field
+ 5+ years of related work experience
+ Desired - Cisco Certified Network Professional (CCNP), Cisco Certified Internetwork Expert (CCIE) or Certified Information Systems Security Professional (CISSP).
Travel:
+ Required for this position to perform tasks throughout the Upper Colorado Region at the various power plants and facilities.
+ The primary service location is at Glen Canyon Power Plant located near Page, AZ 86040. Secondary service locations are:
+ Flaming Gorge Power Plant, Utah
+ Fontenelle Power Plant, Wyoming
+ Blue Mesa Power Plant, Colorado
+ Morrow Point Power Plant, Colorado
+ Crystal Power Plant, Colorado
+ Upper Molina Power Plant, Colorado
+ Lower Molina Power Plant, Colorado
+ Montrose Field Office, Colorado
Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.
The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at [email protected] or by calling 703-488-9377 to request accommodations.
_Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit_ _www.koniag-gs.com_ _._
_Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352_
Job Details
Job Family** **IT, Cyber Security, Network Systems
Job Function** **Network Engineer
Pay Type** **Salary
Education Level** **Bachelor’s Degree
-
Recent Jobs
-
Senior Network Engineer
- Koniag Government Services (Chantilly, VA)
-
Cloud Engineer Sr Principal
- General Dynamics Information Technology (Fairfax, VA)