Network Engineer - Cisco & Zero Trust Architecture

POSITION: Network Engineer Cisco & Zero Trust Architecture

CLEARANCE REQUIREMENT: Must be eligible to obtain a Public Trust Tier 2 clearance or hold an active DoD security clearance

POSITION OVERVIEW:IMRI is seeking a skilled and mission-driven Network Engineer to support a secure, enterprise-scale Cisco networking environment within a federal setting. This role is responsible for designing, implementing, and maintaining resilient network architectures aligned with Zero Trust principles and federal cybersecurity standards. The ideal candidate brings hands-on expertise in network engineering, security, and operations, along with a strong understanding of compliance frameworks and secure infrastructure design. This position offers the opportunity to contribute to high-impact initiatives that enhance security, reliability, and operational excellence for our federal customers.

KEY RESPONSIBILITIES:

Network Engineering & Operations

• Design, implement, and support enterprise network infrastructure across core, distribution, access, and edge layers
• Ensure high availability, scalability, and performance of Cisco-based network environments
• Troubleshoot complex issues and conduct root cause analysis for network incidents and outages

Network Security & Compliance

• Implement and maintain network security controls aligned with NIST SP 800-53 and Zero Trust Architecture (NIST SP 800-207)
• Enforce Zero Trust principles, including network segmentation, micro-segmentation, and continuous verification
• Perform system hardening and maintain secure configurations in alignment with Cisco and industry best practices
• Support vulnerability management, including patching, firmware updates, and remediation efforts

Infrastructure & Network Services

• Configure, manage, and troubleshoot routing, switching, and network services (VLANs, DNS, DHCP, VPNs)
• Implement and maintain 802.1X network access control to secure endpoint connectivity
• Secure network perimeters through firewall management, ingress/egress filtering, and multi-factor authentication

Monitoring & Incident Response

• Monitor network performance, availability, and security events using enterprise tools
• Integrate network components with centralized logging and SIEM platforms
• Support incident response efforts, including traffic analysis, containment actions, and forensic data collection

Access Control & Zero Trust Implementation

• Design and enforce least-privilege, identity-based access controls across all network layers
• Develop and maintain segmentation strategies to protect sensitive systems and prevent lateral movement

Change Management & Documentation

• Support formal change management processes, including security impact analysis and approvals
• Maintain accurate network diagrams, configurations, and asset inventories
• Develop and update Standard Operating Procedures (SOPs) to support audit readiness and operational continuity

Collaboration & Support

• Serve as a technical escalation point for complex service desk requests
• Collaborate with cybersecurity, cloud, and Microsoft engineering teams to deliver integrated solutions
• Provide technical guidance to improve network performance and security posture

REQUIRED QUALIFICATIONS:

• Proven experience with Cisco networking technologies in enterprise environments
• Strong expertise in routing, switching, and core networking protocols
• Experience implementing Zero Trust architecture and segmentation strategies
• Knowledge of NIST SP 800-53 and NIST SP 800-207 frameworks
• Hands-on experience with firewalls, VPNs, 802.1X, and network access controls
• Experience with network monitoring, logging, and SIEM integration
• Demonstrated ability to perform vulnerability remediation and system hardening
• Strong troubleshooting and analytical skills, including root cause analysis
• Experience working within structured change management and documentation practices

PREFERRED QUALIFICATIONS:

• Experience supporting federal government or regulated environments
• Familiarity with Cisco Secure Configuration Guides and security hardening practices
• Experience with NIST Risk Management Framework (RMF) processes
• Knowledge of automated patching and firmware lifecycle management