Network Security Engineer; On-Site

Position: Network Security Engineer (On-Site)
* Assists IT security management in promoting security culture, policies, and standards excellence.
* Serves as an example of IT security stewardship and practices excellence.
* Serves as a trainer of IT security principles, threats, and standards to HRT employees, and technical staff.
* Collaborates with management, cross-discipline engineer, technician, and non-IT staff for evaluation and implementation projects.
* Follows formal and informal management established processes including change management, configuration management, and other organizational structures.
* Develops and maintains system design documentation, tailored procedure documents, and training and socialization materials as required.
* Fosters and maintains a safe and team uplifting collaborative working environment.
* Communicates effectively orally and in writing.
* Maintains a high level of professionalism and discretion handling sensitive data and security topics.
* Demonstrates an excellent work ethic in support of IT security initiatives to support agency initiatives and the maturity of its IT security Program.
* Demonstrates ability to multitask and prioritize to achieve on-time delivery of expected work product.
* Fosters and facilitates a safe and team-oriented working environment.
* Takes a lead role in staying up to date on network and cloud infrastructure level threat intelligence and global security event impacts to agency.
* Assist and serves as top escalation point and vendor liaison for technically complex issues related to security alerts for AV and EDR platforms.
* Assist and serves as top escalation point and vendor liaison for technically complex issues related to work requests through ticketing, call number, and email systems.
* Assist and serves as top escalation point and vendor liaison for technically complex issues related to unusual or suspicious activity.
* Assist and serves as top escalation point and vendor liaison for technically complex issues related to vulnerability management system detections and remediation strategies.
* Develops and maintains system documentation including inventory, system design documents, as-builts, system security/disaster recovery plans, and incident response plans.
* Provides recommendations and implements mitigations for network level threats as SME.
* Deploys, assists and serves as top escalation point and vendor liaison for technically complex issues related to network security appliances and physical and virtual node architecture.
* Develops and communicates awareness of network security threats.
* Reviews, designs, and implements network firewall security configuration changes, as well as network architecture modifications.
* Develops and implements network node and topology security tool and logic improvements to enhance WAN/LAN security.
* Reviews, develops, and maintains system design documentation, tailored procedure documents, and training and socialization materials as required.
* Performs direct network implementations operations as need to support security implementations.
* Performs network infrastructure security analysis and configuration for all IT and OT networks including switching, routing, and firewalls.
* Assesses and performs vulnerability management activities for systems that may impact network security.
* Monitors, audits, and recommends security implementations for network hardware and specialized software dedicated to the operation of ICS systems.
* Audits, monitors, and resolves technical security implementation issues for established and new real-time and ICS networks.
* Installs physical security network nodes including syslog collectors, network taps, port mirrors, and network sensors along the Light Rail alignment.
* Performs preventative maintenance in accordance with HRT’s established state of good repair guidelines.
* Provide structured or ad hoc user training as required to help customers effectively utilize HRT computerized systems.
* Monitors CISA and industry resources to identify and track Zero Day announcements, providing applicability assessments for HRT systems, as well as to develop and test mitigations for effectiveness.
* Participate in Incident Response activities as per established HRT guidelines and as needed to support IT Security.
* Coordinate network security activity with team members. Maintain cyber security awareness, support Endpoint Protection, respond to cyber security incidents in accordance with established policies and procedures.
* Ensure adherence to HRT minimum hardware/software requirements; participate in cyber security reviews, assessments, and audits.
* Performs other duties as assigned (including but not limited to):  + Provide network node configuration assistance and troubleshooting.  + Provide solution evaluation research and evaluation of new network architecture and products.  + Systems, application, security engineering support.
* Ability to stay current on and translate emerging network threats and mitigating solutions into real world…