Job Description
Job Description
Overview
Senior Enterprise Network Engineer
LOCATION: Columbia, MD (Onsite)
JOB STATUS: Full-time
CLEARANCE: Active Top Secret (TS/SCI Preferred)
TRAVEL: As Needed
SALARY RANGE: $150k - $170k
Astrion has an exciting opportunity for a highly experienced Senior Network Engineer to design, implement, secure, and maintain mission-critical network infrastructures supporting Department of Defense/Department of War (DoD/DoW) environments. The ideal candidate brings deep expertise in Cisco and Fortinet technologies, extensive experience operating within classified networks, and a proven track record of implementing and maintaining systems in compliance with Risk Management Framework (RMF), DoD STIG and Cross Domain / Comply-to-Connect (C2C) requirements.
REQUIRED QUALIFICATIONS / SKILLS
- Active Top Secret security clearance.
- TS/SCI preferred
- Bachelor’s degree in Network Engineering, Computer Science, or related field (or equivalent experience)
- 8+ years of experience in network engineering within Department of Defense/Department of War (DoD/DoW) or classified environments
- Deep expertise in:
- Cisco routing & switching (BGP, OSPF, EIGRP, VLANs, MPLS)
- Fortinet solutions (FortiGate, FortiOS, VPNs, security fabric)
- Demonstrated experience implementing and maintaining DISA STIG compliance
- Hands-on experience with C2C / Cross Domain architectures and security controls
- Strong understanding of:
- RMF (Risk Management Framework)
- DISA security requirements and accreditation processes
- DCSA Accreditation Standards
- Active DoD 8140 (formerly DoD 8570) compliant industry certification (e.g., Security+ CE, CISSP, etc.)
- Active DoD 8140 (formerly DoD 8570) compliant environment certification (e.g., minimum Cisco CCNP)
- Experience with C2C Requirements:
- Network automation (Python, Ansible)
- Zero Trust architectures
- SIEM integration and log analysis
- NetFlow monitoring
KEY COMPETENCIES
- Advanced network design and troubleshooting
- Security hardening and compliance enforcement
- Strong analytical and problem-solving abilities
- Excellent communication and documentation skills
- Ability to operate in high-security, mission-critical environments
PREFERRED QUALIFICATIONS / SKILLS
- CCIE (Enterprise or Security)
- Fortinet NSE 4–7 certifications
- Project Management Experience
- Experience briefing Executive Leadership
- Prior experience supporting Cross Domain Solutions (CDS) programs
- Experience with cloud-based DoD environments (e.g., Azure Government, Azure Secret)
RESPONSIBILITIES
- Design, implement, and maintain secure network architectures using Cisco (routing/switching, ISE) and Fortinet (FortiGate) solutions
- Design, implement, and maintain 802.1x compliance platform
- Engineer and support classified and unclassified network environments (e.g., MDA CNET, NIPR, SIPR, JWICS as applicable)
- Ensure compliance with DoD Security Technical Implementation Guides (STIGs) and cybersecurity policies
- Implement and maintain Cross Domain Solutions (CDS) and Comply-to-Connect (C2C) architectures
- Perform network hardening, vulnerability remediation, and continuous monitoring in accordance with RMF controls
- Develop and maintain network documentation, diagrams, SOPs, and security artifacts
- Support Authority to Operate (ATO) processes, including STIG checklists, POA&Ms, and risk assessments
- Troubleshoot complex network and security issues across multi-vendor environments
- Collaborate with cybersecurity, systems engineering, and mission stakeholders to ensure secure, reliable operations
- Support audits, inspections, and compliance validation activities