Network Architect

Leidos has an opening for a Network Architect to support a program for the Federal Retirement Thrift Investment Board at a location in the District of Columbia. The program provides a range of IT services, including network support. This position will be responsible for overall network engineering design, maintenance, and support including planning, designing, and evaluating various components of the network. Duties may include providing specifications for network architecture, evaluating, and recommending new technologies to enhance current capabilities, and performing needs assessments. Support level duties may include monitoring, installation, modification, testing and servicing of network equipment.

Responsible for entire projects or processes spanning multiple technical areas. Manages large projects or processes while developing solutions to complex technical issues and problems that impact multiple area or disciplines. In addition, the position requires communicating with internal team members across multiple areas and client team members as well as with parties external to the organization (e.g., sub-contractors, vendors, etc.).

The successful candidate will be responsible for managing the agencies’ local area network (LAN) and WiFi, maintaining and upgrading network infrastructure, including wired and wireless access points, Zscaler Client-Connector end-user host clients, and Zscaler App-Connector instances, managing and configuring Zscaler Zero-Trust access policies, and providing security upgrades. This position will be responsible for leading the engineering and design for implementation of Direct Internet Access, IPv6, network refresh, and other networking projects. In addition, the successful candidate will perform proper trade study for network monitoring tools and perform Analysis of Alternatives (AoA) to evaluate and determine the best toolset for the existing requirements, current operational environment, and customer goals. Further shall continuously improve the quality and efficiency of IT services by implementing industry best practices and enhancing the agency’s zero trust posture.

PRIMARY RESPONSIBILITIES:

• Plan and design secure network solutions to consolidate connectivity services under an enterprise service. 

• Partner with key stakeholders and technical experts to perform legacy environment discovery, assessing current capabilities, configurations, and unique requirements to develop a design and architecture leveraging approved design patterns.   

• Provide technical expertise and guide FRTIB on the design, procurement, and implementation of new network devices in a zero trust, managed services environment.

• Design secure wide area connectivity inclusive of underlay, overlay, and Common Operational Interface (COI) transport design that supports performance, quality of service, security, and mission requirements.  

• Provide secure access solutions leveraging wired and wireless technologies, integrating standards, use cases/scenarios, and develop associated implementation and transition plans.  

• Integrate capacity planning and scaling of network and security stack environments into the overall design of solutions.

• Collect, investigate, and identify network optimization strategies and techniques to meet capacity and performance standards.  

• Identify legacy service paths (i.e. dataflow, firewall rulesets, and ACLs) and develop strategies and designs for the to-be enterprise service capability to meet requirements while balancing security, sustainability, and maintainability.

• Support development of IP addressing schemes across IPv4 and IPv6 networks.

• Work with information assurance teams to ensure compliance to government standards to assist with providing accreditation artifacts.

   
BASIC QUALIFICATIONS:

• Minimum of a Bachelor’s degree in Science, Technology, Engineering  and Math (preferred) with 12-15 years' experience or Master's degree with 10-13 years of experience (additional years of directly applicable experience may be accepted in lieu of a degree).

• Require network certification which shall meet or exceed a Cisco Certified Network Professional (CCNP).

• Require active CompTIA Security+ certification or equivalent

• Experience documenting logical or physical designs using drawing tools (e.g. Visio, Powerpoint, Gliffy, Cameo, MagicDraw) to depict systems, subsystems, interfaces, components, and communications of I/T applications and infrastructure

• Experienced and comfortable with conducting technical troubleshooting to resolve issues.

• Experience conducting site surveys or analyzing data obtained from site surveys.

• Experience creating or executing a migration plan to move circuits, network traffic, services, applications, or data between environments or to a commercial cloud provider. Alternatively, experience planning or executing a technology refresh or lifecycle refresh of an existing I/T system.

• Heavily experienced in upgrading and LCR of network devices.

• Must have broad exposure to common I/T infrastructure networking in the areas of DNS, DNS64/NAT64, LAN, WAN, TCP/UDP, IPSec, VPN, Proxies, Routing(L2/L3), and Firewalls.

• Must have experience in working with two or more of the following vender network technologies: Azure/M365, Zscaler, Cisco, Juniper, Palo Alto, Dell, Brocade.

• Demonstrate experience in designing and implementing medium to large network infrastructure and producing corresponding technical documentation.

• Must be able to work as part of a team to troubleshoot and resolve complex network issues with managed service providers.

• Excellent written and verbal communication skills. This shall include drafting SOPs and technical documentation.

• Requires ability to communicate with executive leadership (internally or client) regarding matters of significant important to the organization/project.

• Must be able to present designs and plans to technical leadership personnel and boards for approvals.

PREFERRED QUALIFICATIONS:

• Certified Cisco Internetwork Expert (CCIE)/Cisco Certified Design Expert (CCDE) or equivalent.

• Microsoft Certified: Azure Solutions Architect Expert

• Demonstrate experience in one or more of the following enterprise network management tools such as Palo Alto Panorama, SolarWinds, Cisco Prime, Cisco DNA, What’s Up Gold, or Junos Space.

• Experience in designing and implementing VTC solutions.

• Proficiency in designing and configuring Azure VNets, subnets, and peering.

• Experience implementing IPv6 projects.

• Experience implementing Dedicated Internet Access (DIA) circuits in a zero-trust environment.

• Experience implementing projects moving network locations.

• Demonstrate expertise in design and improvement of complex and geographically enterprise networks.

• Demonstrate experience in system hardening of network infrastructure

Original Posting Date:

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.