The mission of the OFR is to support the Financial Stability Oversight Council (FSOC) in promoting financial stability by: collecting data on behalf of FSOC; providing such data to FSOC and member agencies; standardizing the types and formats of data reported and collected; performing applied research and essential long-term research; developing tools for risk measurement and monitoring; performing other related services; making the results of the activities of the OFR available to financial regulatory agencies; and assisting such member agencies in determining the types of formats of data authorized to be collected by such member agencies.
Key Tasks and Responsibilities
The successful candidate will have a successful track record of performance in their field of expertise while being a self-starter. This position will provide engineering, design, and implementation solutions for multiple data center, office, and cloud-based network architectures. This position will have a strong background in network protocols and security, AWS cloud networking, switching and routing implementation, security device implementation, and TCP/IP protocol analysis. The Network Engineer designs, augments, maintains and monitors network performance and security in multiple computing environments by identifying network requirements; installing upgrades; monitoring network devices and logs, and managing network security configuration consistency. This position requires strong communication skills and strong technical writing capability.
- Analyze, design, test, install, documentation, implement and support complex network solutions in cloud environments (i.e. AWS and Azure).
- Experience with Amazon Web Services (AWS), specifically:
• Experience using CloudFormation to deploy network resources in AWS
• Experience with deploying basic VPC networking including availability zones, public and private subnets
• Experience deploying network gateways including the Internet gateway, NAT gateway, Virtual Private Gateway, and S3 Gateway
• Experience in virtual private networking between Amazon and on-premises using the Virtual Private Gateway, IPSEC tunnels, and BGP routing
• Experience with the Transit Gateway including connectivity between multiple VPCs and Amazon accounts
• Working knowledge of AWS IAM policies and permissions
• Experience working with AWS DirectConnect including distribution of bandwidth among multiple AWS accounts
• Experience working with network/security EC2 appliances in AWS including Cisco CSR and Palo Alto VM-Series firewalls
- Experience with RedHat Ansible Tower to perform automated network operations.
- Implementation and support of the network security infrastructure including Palo Alto firewalls, content filters, and VPN services.
- Configuration of firewall access control lists and associated security policies, updating of mandated IP block lists.
- BlueCoat web proxy and content analysis system configuration, policy development, and troubleshooting. Application of mandated URL and file type block lists.
- Experience with Cisco Identity Services Engine authentication and authorization policies and a working knowledge of wired and wireless RADIUS and EAP-TLS protocols.
- Working knowledge of SMTP and Email security gateways, ability to troubleshoot Email transport and associated security policies, application of mandated Email block lists.
- Solid understanding of network protocols such as Ethernet, TCP/UDP/IP, ARP, ICMP, DNS, HTTP/S, IPSEC, SNMP, and SMTP. Familiarity with network architectures such as core/distribution/access and leaf/spine.
- Solid understanding of routing including experience working with routing protocols such as BGP, EIGRP, and OFPF.
- Experience performing complex network troubleshooting using industry standard tools such as Wireshark, nslookup/dig, icmp, tcpdump on network/security devices and Windows/Linux endpoints. Experience reviewing network related logs on Windows and Linux endpoints for troubleshooting purposes.
- SolarWinds operation and configuration including configuring SNMP monitoring of network/security devices, configuring alerts, maintaining inventory, and running reports.
- Experience with data center and office copper and fiber cabling standards, server/network rack equipment installation, and general knowledge of UPS/PDU operation.
- Cisco Catalyst and Nexus switch and ASR router configuration, troubleshooting, and upgrading/patching network operating system software. Experience working with Cisco TAC in resolving complex issues.
- Cisco wireless controller configuration and troubleshooting, working knowledge of 802.11ac wireless communications.
- Working knowledge of PKI and SSL certificates.
- Basic understanding or experience with VMWare vSphere, NSX, vSwitch, and ESXi hosts and how to troubleshoot networking problems.
- Working knowledge of Linux and Linux-based network operating systems.
- Familiarity with the security assessment and authorization process.
Education & Experience
• Bachelor's Degree desired. Previous related and or military experience or certifications in related
field may substitute for formal education.
• 5+ years' working in Information Technology operations with specific experience in systems and/or network operations.
• Prefer at least one year of performing in the same role as described in this position description.
• Strong interpersonal communication (i.e., verbal, presentation and written) skills.
• CCNA, CCNP
• Security +
• Public Trust