COI/Firewall/IDS-IPS Engineer

Responsibilities

We are seeking a highly skilled and innovative COI/Firewall/IDS-IPS Engineer to join our team in the greater DMV area, supporting the Army National Guard.

 

Responsibilities

• Lead design, implementation, and lifecycle management of next‑generation firewalls (NGFW), IDS, and IPS across COI, on‑premises, cloud, and hybrid environments.
• Architect segmented network environments applying zero‑trust, least‑privilege, and defense‑in‑depth principles.
• Develop and maintain firewall policies, ACLs, NAT, VPN architectures, and security rule sets governing inter‑enclave and external connectivity.
• Perform deep‑packet inspection, signature tuning, anomaly detection refinement, and traffic‑flow validation to detect APTs, lateral movement, C2, and data exfiltration.
• Integrate NGFW/IDS/IPS telemetry with SIEM and SOAR platforms to enhance correlation, detection, and incident response.
• Conduct technical risk assessments and control validations aligned to NIST SP 800‑53, NIST SP 800‑41, DoD STIGs, and RMF requirements.
• Execute rule‑base optimization reviews, configuration audits, and compliance assessments to reduce attack surface and improve detection fidelity.
• Lead troubleshooting and root‑cause analysis for complex network security incidents; coordinate containment and remediation with SOC, network, and system teams.
• Provide architectural guidance for high‑availability deployments, encrypted traffic inspection, secure remote access, and secure system onboarding.
• Maintain detailed documentation, data‑flow diagrams, change control records, and evidence to support continuous monitoring and accreditation.

#ENOCS

Qualifications

Qualifications

• Minimum of 8 years with BS/BA; Minimum of 6 years with MS/MA; Minimum of 3 years with PhD

• Clearance: Active TS/SCI clearance.

• Candidate must meet ONE of the following:

  • Master’s degree or Ph.D. in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, Software Engineering, or a related field; OR
  • Relevant DoD/military training (example: Security Architect (Advanced) Playlist); OR
  • Relevant professional certification or equivalent experience (examples: CCNP Enterprise, CISM, CISSP‑ISSAP, CISSP‑ISSEP, GCIA, GDSA, GICSP).

• Required experience and skills:

  • Network/security engineering experience with at least 3 years designing and operating NGFW/IDS/IPS in enterprise or DoD environments.
  • Hands‑on expertise with firewall platforms, IDS/IPS technologies, TLS/SSL inspection, VPNs, NAT, ACLs, and high‑availability clustering.
  • Experience tuning signatures, creating detection logic, and validating detections using packet capture and telemetry analysis.
  • Proficiency integrating telemetry into SIEM/SOAR, developing correlation rules, and enabling automated playbooks for response.
  • Strong knowledge of NIST SP 800‑53/800‑41, DISA STIGs, RMF control families, and compliance/audit evidence practices.
  • Proven incident response coordination, root‑cause analysis, and cross‑functional remediation leadership.
  • Excellent documentation skills for architecture diagrams, rule‑base rationalization, and change control artifacts.

• Desired:

  • Prior DoD/COI/ARNG network‑security or CCRI support experience.
  • Experience with encrypted traffic inspection at scale, TLS decryption architectures, and privacy/inspection tradeoffs.
  • Familiarity with cloud‑native firewall/IDS services and hybrid integration patterns.
  • Experience advising senior leadership on carrier/provider escalation, SLA risk, and architectural tradeoffs.

#ENOCS

Peraton Overview

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

Target Salary Range

$104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

EEO

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.