Network Security Engineer (26-212)

We are flexible and resilient in a fast-changing environment. We continuously innovate and drive constructive change while keeping a focus on the “big picture.” We exercise sound business judgment in making high-quality decisions in a timely and cost-effective manner. We are highly creative and can dig deep within ourselves to find positive solutions to different problems.

We get things done and drive results. We lead without a title, empowering others through a can-do attitude. We look forward to the goal, mentally mapping out every checkpoint on the pathway to success, and visualizing what the final destination looks and feels like.

We are humble individuals who understand how our job impacts the company's mission. We treat others with respect, admit mistakes, give credit where it’s due and demonstrate transparency. We “bring the weather” by exhibiting positive leadership and solution-focused thinking. We hug people in their trials, struggles, and failures – not just their success. We appreciate the individuality of the people around us.

• Assess compliance of information systems with DoD RMF standards, including review, verification, and validation of required documentation and artifacts in accordance with DoDI 8510.01.
• Develop cyber-secure configurations for network devices, including firewalls, switches, and routers.
• Serve as a primary Network Security Engineer supporting the program.
• Plan, deploy, integrate, and test network upgrades at operational sites.
• Conduct independent research on networking and security topics and produce reports on findings.
• Ensure systems and devices are properly STIGed and hardened.
• Execute required cyber protocols to maintain compliance and security standards.
• Support real-world events, including work during nights and weekends when required.

• Must be a U.S. Citizen and maintain a valid U.S. passport.
• Ability to travel to alternate work locations (e.g., Schriever Space Force Base) to support deployments.
• Understanding of OSI Model, TCP/IP, VLANs, and UDP Multicast.
• Experience with firewall configuration (e.g., Juniper, Cisco, Palo Alto).
• Knowledge of ACL design and function.
• Hands-on experience with multi-vendor switching and routing (Juniper, Cisco).
• Strong communication skills, including writing and presentation using Microsoft PowerPoint and Visio.
• Ability to design security configurations and testing procedures.
• Familiarity with NIST CVE framework.
• Experience with virtualization technologies.
• Ability to work collaboratively in a team environment.
• Intermediate knowledge of security design, development, and testing methodologies.
• Experience applying DoD security practices, including STIG compliance and system accreditation.
• Ability to document project design and development efforts.
• Ability to communicate network security requirements and compliance to other departments.
• Ability to learn and apply security hardening techniques across various products and applications.
• Ability to summarize findings and recommend solutions to leadership.
• Understanding of VMware and ESXi STIGing/hardening basics.

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this position. Reasonable accommodations may be made to enable individuals with disabilities to perform these functions.

While performing the duties of this job, the employee is regularly required to:

• Remain in a stationary position for extended periods of time.
• Operate a computer, keyboard, and other office equipment using hands and fingers.
• Communicate effectively in person, over the phone, and through electronic means.
• Occasionally move about the office to access files, office equipment, and meeting spaces.
• Lift and/or move up to 15 pounds as needed.
• Maintain specific vision abilities, including close vision and the ability to adjust focus.

This position is performed within a secure, classified workspace. Employees must comply with all applicable security protocols and access control procedures, including restrictions on personal electronic devices and the handling of sensitive information.

At the core of Trace3's DNA is our people. We are a diverse group of talented individuals who understand the importance of teamwork and demonstrating leadership, character, and passion in all that we do.

We’re committed to fostering an inclusive workplace where everyone feels respected, valued, and empowered to grow. We recognize that embracing diversity drives innovation, improves outcomes, fosters collaboration, boosts teammate satisfaction, and builds a more inclusive culture.

As an equal opportunity employer, Trace3 bases all employment decisions based on individual qualifications, merit, and business requirements. We do not engage in discrimination on the basis of race, color, religion, sex (including gender identity, sexual orientation, and pregnancy), national origin, age (40 or older), disability, genetic information, or any other characteristic protected by federal, state, or local law.

Any demographic information provided is strictly voluntary, kept confidential in accordance with Equal Employment Opportunity (EEO) regulations, and will not be used in employment decisions, including hiring, promotions, or mentorship programs. We are committed to providing equal employment opportunities for all.

If you require a reasonable accommodation to complete the application process or participate in an interview, please email recruiting@trace3.com.

***To all recruitment agencies: Trace3 does not accept unsolicited agency resumes/CVs. Please do not forward resumes/CVs to our careers email addresses, Trace3 employees or any other company location. Trace3 is not responsible for any fees related to unsolicited resumes/CVs.