"Alerted.org

Overview

GovCIO is seeking an experienced Network Security Engineer (Senior) to provide critical support for our U.S. Coast Guard program.This position will be located inKearneysville, WVand will be a hybrid remote position.

Responsibilities

The ideal candidate will specialize in designing, implementing, and maintaining our secure network infrastructure with a core focus on Zero Trust Architecture and Network Access Control (NAC). This role is critical for protecting high-value assets within large-scale U.S. Coast Guard enterprise environments, including NIPRNet, SIPRNet and DDIL. You will be a subject matter expert on Cisco ISE, and responsible for the full lifecycle of our C2C and 802.1x NAC solutions in a fast-paced, high-stakes environment.

Cisco ISE Administration** **and** **NAC Support

+ Configure, maintain, and optimize Cisco Identity Services Engine (ISE) for robust authentication, authorizationand accounting (AAA)

+ Administer and maintain the full ISE deployment, including Policy Service Nodes (PSNs), Monitoring and Troubleshooting Nodes (MnTs) and the Primary Admin Node (PAN)

+ Implement and support 802.1X, MAB (MAC Authentication Bypass), posture assessment and advanced profiling for comprehensive endpoint security

+ Configure and manage Cisco ISE Guest Access, BYOD policies, and endpoint device profiling.

+ Perform routine ISE system updates, patches, and health checks to ensure optimal system stability and performance, including executing the node upgrade process

+ Monitor and analyze RADIUS, TACACS+, LDAP, and Active Directory authentication logs to ensure security compliance and troubleshoot performance issues

+ Expertly troubleshoot complex authentication failures, endpoint misclassifications, and network access issues

Network Security** **and** **Compliance Support

+ Ensure all Network Access Control (NAC) enforcement strictly aligns with DoD Comply to Connect (C2C) policies and DISA STIGs

+ Implement and support device posture validation, MSFT Defender, Tanium, dynamic ACL (dACL) provisioning, dynamic VLAN assignmentsand Security Group Tagging (SGT)

+ Collaborate with network and security teams to design and enforce Zero Trust security models and the principle of least privilege access

+ Assist in implementing and troubleshooting certificate-based authentication (TLS/SSL, OpenSSL operations and PKI infrastructure)

+ Conduct deep-dive traffic analysis using tools like Wireshark, TCPDumpand SolarWinds to diagnose authentication issues and identify network anomalies

Firewall** **and** **Infrastructure Integration

+ Support the seamless integration of Cisco ISE with security and network platforms, including Cisco Firepower, ASR/ISR/CSR/ASA firewalls, VERSA and Palo Alto NGFWs

+ Assist in troubleshooting NAC-related network performance issues that affect LAN/WAN connectivity

+ Provide expert support for multi-VRF environments, ensuring proper NAC enforcement across complex and segmented network topologies

Qualifications

+ Bachelor’s degree in computer science, information systems or a related fieldwith 8+ years (or commensurate experience).

+ 5+ years of dedicated experience in network security, NACor related roles.

+ A minimum of 3+ years of direct, hands-on experience in Cisco ISE administration, NAC policy managementand network authentication security.

+ Clearance Required: Must be cleared up to an active Secret clearance.

Required Skills and Experience 

+ Current DoD 8570 IAT Level II certification (e.g., Security+ CE, CCNA Security, SSCP)

+ Deep expertise in Cisco ISE architecture, profiling, posture assessmentand endpoint classification

+ Proficient with 802.1X, MAB, RADIUS, TACACS+, LDAP and Microsoft Active Directory integration

+ Hands-on experience with Cisco Switch CLI for configuration and troubleshooting

+ Strong understanding of certificate-based authentication (PKI, TLS/SSL, OpenSSL)

+ Framework & Tools Knowledge:

+ Proven experience working within DoD cybersecurity compliance frameworks (e.g., DISA STIGs, NIST 800-53, IAVMs).

+ Familiarity with Cisco Firepower, ASA firewalls, and Palo Alto NGFWs.

Preferred Skills

+ Basic scripting knowledge (Python, Bash, or REST APIs) for automation and troubleshooting is a significant plus.

\#JP #USCG

Company Overview

GovCIO is a team of transformers--people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens.

But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer?

What You Can Expect

Interview & Hiring Process

If you are selected to move forward through the process, here’s what you can expect:

+ During the Interview Process

+ Virtual video interview conducted via video with the hiring manager and/or team

+ Camera must be on

+ A valid photo ID must be presented during each interview

+ During the Hiring Process

+ Enhanced Biometrics ID verification screening

+ Background check, to include:

+ Criminal history (past 7 years)

+ Verification of your highest level of education

+ Verification of your employment history (past 7 years), based on information provided in your application

Employee Perks

At GovCIO, we consistently hear that meaningful work and a collaborative team environment are two of the top reasons our employees enjoy working here. In addition, our employees have access to a range of perks and benefits to support their personal and professional well-being, beyond the standard company offered health benefits, including:

+ Employee Assistance Program (EAP)

+ Corporate Discounts

+ Learning & Development platform, to include certification preparation content

+ Training, Education and Certification Assistance*

+ Referral Bonus Program

+ Internal Mobility Program

+ Pet Insurance

+ Flexible Work Environment

*Available to full-time employees

Our employees’ unique talents and contributions are the driving force behind our success in supporting our customers, which ultimately fuels the success of our company. Join us and be a part of a culture that invests in its people and prioritizes continuous enhancement of the employee experience.

**We are an Equal Opportunity Employer.** All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability/vets.

Posted Pay Range

The posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity. The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process. If hired, employee will be in an “at-will position” and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department/team performance, and market factors.

Posted Salary Range

USD $105,000.00 - USD $136,000.00 /Yr.

Submit a referral to this job (https://careers-govcio.icims.com/jobs/7287/network-security-engineer-senior/job?mode=apply&apply=yes&in\_iframe=1&hashed=-1834385473)

**Location** _US-WV-Kearneysville_

**ID** _2025-7287_

**Category** _Information Technology_

**Position Type** _Full-Time_