Compare your current skills to what this opportunity needs—we'll show you what you already have and what could strengthen your application.
Job Description
POSITION TITLE
Senior Network Engineer Cisco & Zero Trust Architecture
CLEARANCE REQUIREMENT
Must be eligible to obtain a Public Trust Tier 2 clearance or hold an active DoD security clearance
POSITION OVERVIEW
IMRI is seeking an experienced and strategic Senior Network Engineer to support a high-visibility federal customer environment. This role is responsible for leading the design, implementation, and sustainment of secure, enterprise network architectures built on Cisco technologies and aligned with Zero Trust principles. As a senior technical contributor and advisor, you will play a key role in strengthening network security, resilience, and operational performance, while supporting ongoing incident response remediation efforts and compliance with federal cybersecurity standards.
KEY RESPONSIBILITIES
Enterprise Network Engineering & Operations Lead the design, implementation, operation, and optimization of enterprise Cisco network infrastructure across core, distribution, access, and edge environments Ensure high availability, scalability, performance, and resilience of mission-critical network systems Perform advanced troubleshooting and root cause analysis (RCA) for network outages, performance issues, and security events Network Security Architecture & Compliance Implement and sustain network security controls aligned with NIST SP 800-53 and Zero Trust Architecture (NIST
SP 800-207
) Drive Zero Trust adoption through network segmentation, micro-segmentation, and continuous verification strategies Continuously assess and strengthen network security posture through monitoring, risk mitigation, and evolving best practices Network Access Control & Identity Integration Architect and enforce secure network access controls, including 802.1X port-based authentication , role-based access, and identity-aware networking Integrate network access with enterprise identity services to support least-privilege access models Routing, Switching & Infrastructure Services Oversee routing, switching, and core network services, including VLANs, DNS, DHCP, and VPNs Ensure secure configurations, optimal performance, and alignment with organizational standards Perimeter Security & External Access Protection Secure public-facing and edge network environments, including firewalls, remote access solutions, and perimeter devices Implement strict access controls, ingress/egress filtering, and monitoring to defend against external threats Monitoring, Logging & Security Operations Enablement Establish and manage enterprise network monitoring, logging, and alerting capabilities Integrate network infrastructure with SIEM and network detection and response (NDR) platforms to enhance visibility and threat detection Support 24/7 operational monitoring environments and incident response readiness Vulnerability Management & Device Lifecycle Lead structured vulnerability management activities, including patching, firmware updates, and remediation Maintain lifecycle management processes to ensure all network assets remain secure, supported, and compliant Change Management & Documentation Ensure all network changes follow formal change management processes, including impact and security analysis Maintain detailed network diagrams, configuration baselines, and asset inventories Develop and maintain Standard Operating Procedures (SOPs) to support audit readiness and operational continuity Incident Response & Security Support Provide network-level expertise during incident response activities, including traffic analysis, containment (e.g., segmentation, traffic blocking), and forensic data collection Support audits, assessments, and compliance reviews by providing documentation, evidence, and remediation support Technical Leadership & Collaboration Serve as a senior technical advisor to stakeholders and cross-functional teams Collaborate with cybersecurity, cloud, and Microsoft engineering teams to resolve complex challenges and improve network architecture Act as an escalation point for advanced service desk issues and network-related initiatives Key Technical Responsibilities Implement and maintain security controls across NIST domains (AC, CM, SC, AU) Enforce Zero Trust architecture (segmentation, micro-segmentation, identity verification) Design and implement least-privilege, role-based network access controls Deploy and manage 802.1X network access enforcement Configure centralized logging with integration to SIEM platforms Conduct continuous monitoring, vulnerability assessments, and RMF-aligned remediation Harden network devices using Cisco Secure Configuration Guides and secure baselines Secure perimeter infrastructure through firewall management, filtering, and MFA enforcement Perform root cause analysis and implement corrective/preventive actions Maintain automated patching and firmware lifecycle processes Administer and troubleshoot DNS services within enterprise environments Develop and maintain accurate, up-to-date network diagrams and documentation
REQUIRED QUALIFICATIONS
Extensive experience with Cisco enterprise network engineering and operations Advanced knowledge of routing, switching, and network architecture design Demonstrated experience implementing Zero Trust principles and segmentation strategies Strong understanding of NIST SP 800-53 and
NIST SP 800-207
frameworks Hands-on experience with firewalls, VPNs, network access control, and security technologies Expertise with 802.1X , identity-based networking, and access enforcement Experience integrating network infrastructure with SIEM and monitoring platforms Proven ability to perform system hardening, vulnerability remediation, and compliance support Strong analytical and troubleshooting skills, including root cause analysis Experience supporting structured change management and documentation practices
PREFERRED QUALIFICATIONS
Experience supporting federal agencies or highly regulated environments Familiarity with Cisco Secure Configuration Guides and security hardening standards Experience with NIST Risk Management Framework (RMF) processes Knowledge of automated patch management and enterprise device lifecycle strategies
