Original listing text, shown exactly as published by the company.
Responsibilities
Campus & Facility Network Architecture
- Design and build LAN infrastructure for corporate offices and facilities, including switching, routing, VLAN design, and network segmentation strategies that support enterprise workloads.
- Own network lifecycle management across facilities, including hardware procurement, capacity planning, firmware management, and documentation.
- Deploy and manage enterprise wireless infrastructure across multiple facilities, ensuring secure wireless access for corporate users and isolated network segments for operational and ITAR-controlled systems.
Zero-Trust & Network Security
- Implement zero-trust network architecture across Northwood's facilities and cloud environments, including microsegmentation, identity-aware access controls, and least-privilege network policies.
- Deploy, configure, and manage FortiGate firewall infrastructure, including policy management, network segmentation, and security zone enforcement for government and ITAR-controlled workloads.
- Administer Cloudflare Zero Trust and tunnel configurations to support secure remote access, site-to-site connectivity, and traffic inspection across distributed facilities.
- Collaborate with the security engineering team to implement network-based detection controls, integrate network telemetry with SIEM platforms, and support incident response efforts.
Hybrid Cloud & WAN Connectivity
- Design and manage hybrid network connectivity between on-premises facilities, AWS Commercial, AWS GovCloud, and Cloudflare's backbone, including VPN solutions, private connectivity, and multi-cloud routing architectures.
- Ensure network architecture supports compliance requirements for CUI handling, including appropriate segmentation between commercial and government workloads.
Automation & Monitoring
- Implement network monitoring and observability tooling to maintain visibility into performance, availability, and security posture across all network segments.
- Develop and maintain network automation using tools such as Ansible, NetBox, or equivalent, reducing manual operational burden and enforcing configuration consistency.
- Document network architecture, configurations, and standard operating procedures to support compliance audits and operational continuity.
Cross-Functional Collaboration
- Partner with security engineering on firewall policy reviews, network access control design, and compliance evidence collection for CMMC and FedRAMP assessments.
- Collaborate with infrastructure and engineering teams to ensure network design supports operational requirements and future scaling.
- Integrate network infrastructure with identity management systems, including Okta, to support network access policy enforcement and user lifecycle management.
Basic Qualifications
- Bachelor's degree in Engineering, Computer Science, or a related discipline and 5+ years of enterprise networking experience, or 7+ years of enterprise networking experience without a degree.
- Hands-on experience with enterprise switching and routing, VLAN design, and network segmentation in production environments.
- Demonstrated experience deploying and managing FortiGate firewall infrastructure, including policy management and network zone enforcement.
- Experience designing and implementing zero-trust network architectures, including microsegmentation and identity-aware access controls.
- Experience with cloud networking in AWS, AWS GovCloud, or multi-cloud environments, including hybrid connectivity and private networking.
- Hands-on experience with Cloudflare, including Zero Trust, tunnels, and DNS.
- Experience deploying and managing enterprise wireless infrastructure across multiple facilities.
- Proficiency with network monitoring, automation, and troubleshooting tools.
- Ability to obtain and maintain a TS/SCI clearance.
- U.S. citizenship or status as a lawful permanent resident required to conform with ITAR export regulations.
Preferred Qualifications
- Active TS clearance or higher.
- Proficiency with network automation tools including Ansible and NetBox.
- Industry certifications such as CCNP, ACNP, or equivalent enterprise networking credentials.
- Background in aerospace, defense, critical infrastructure, or other government-adjacent regulated industries.
- Experience with ITAR compliance and network isolation requirements for controlled technical information.
- Familiarity with CMMC, NIST 800-171, and DFARS compliance requirements as they relate to network architecture.
- Experience integrating network infrastructure with identity management platforms such as Okta or Azure Active Directory.
