Our client, a large public sector organization, is seeking a Network Security Engineer for a hybrid (3 days per week onsite in Brooklyn) contract position. You can onboard as our W2 employee or independent contractor. This is a 2 year contract position with a pay range of $75-$95/hour
Project Background:
The Network Security Engineer will play a key role in supporting the modernization of the data center infrastructure, enhancing security operations, and supporting high-priority applications. This role is essential to protecting the organization’s hybrid cloud environment and ensuring network resiliency and security.
This individual must have strong hands-on experience with Cisco ASA/Firepower firewalls, F5 load balancers, and hybrid cloud environments (Azure/AWS). The engineer will provide expert-level troubleshooting, configuration, and support for data center and enterprise network security operations.
Key Responsibilities:
- Collaborate with IT Security teams and NYC Cyber Command to address and remediate vulnerabilities.
- Use tools such as Splunk to correlate incident data, identify vulnerabilities, and recommend timely remediation steps.
- Implement, upgrade, and monitor security controls for networks, systems, and information.
- Troubleshoot complex network issues; make recommendations for improvements and contribute to network design and planning.
- Design, configure, and support Cisco ASA and Firepower firewalls (FMC/FTD/FXOS), including AnyConnect VPN and various tunnel protocols.
- Collaborate with application teams to design and implement load balancing solutions (F5, Avi Networks/NSX).
- Configure Cisco Identity Services Engine (ISE) for access control.
- Manage firewall configurations in hybrid cloud environments (Azure, AWS).
- Coordinate with vendors to resolve network outages and meet service level targets.
- Use packet-level analysis tools (Wireshark, tcpdump, Netscout) for security monitoring and traffic troubleshooting.
- Create and maintain documentation, SOPs, and network diagrams using Visio or Lucidchart.
- Work with security teams on Zscaler policy administration and reporting.
Mandatory Minimum Qualifications:
- 5+ years of experience in network security using Cisco ASA and Firepower technologies.
- 5+ years of experience with F5 load balancing solutions (LTM, GTM, BIG-IQ).
- 5+ years of packet analysis for troubleshooting and monitoring.
- 5+ years configuring and troubleshooting Cisco routers and L2/L3 switches.
- 5+ years of experience with routing protocols including BGP, OSPF, and EIGRP.
Preferred Qualifications:
- Prior experience in education-related projects or government agencies.
- Relevant certifications (e.g., Cisco CCNA/CCNP, CompTIA Security+).
- Experience with VMware NSX and NSX Advanced Load Balancer.
- Familiarity with Splunk SIEM and SPL scripting.
- Experience with Azure/AWS infrastructure and ExpressRoute.
- Familiarity with Zscaler policy management.
- Strong communication skills, both verbal and written.
- Highly organized, detail-oriented, and self-directed.