Senior Network Security Architect & Systems Engineer (Boundary Protection)

Description

Dragonfli Group is a leading cybersecurity and IT consulting firm headquartered in Washington, DC, delivering advanced boundary protection, network engineering, and data security solutions for federal and commercial agencies. We are hiring a Senior Network Security Architect & Systems Engineer to lead network segmentation, firewall infrastructure, and policy modernization within a large-scale federal Boundary Protection Services (BPS) program. In this senior SME role, you will optimize security controls across Cisco, Juniper, and Fortinet environments, apply structured change management, and integrate AI/LLM tools to enhance compliance, drive automation, and support nation‑wide deployments.

The ideal candidate will have 11+ years of IT, data, operational analysis, and/or security experience, strong firewall administration expertise across Cisco, Juniper, and Fortinet devices, and demonstrated ability to implement change control processes. A deep understanding of IPv6, RFC 1918, Splunk reporting, and both Windows and Unix administration is required. Experience leveraging AI for compliance monitoring, firewall rule analysis, and policy recommendations is highly desirable.

Responsibilities:

• Apply structured change control processes and tools to develop and execute strategies for large-scale network security projects.
• Conduct impact analyses, assess change readiness, and provide actionable input to stakeholders.
• Document technical requirements and support the design and implementation of boundary protection solutions.
• Manage, configure, and optimize firewall operations in accordance with leading practices, leveraging platforms such as Cisco ASA, Juniper SRX, and Fortinet FortiGate.
• Review existing firewall rule sets for compliance, efficiency, and accuracy, applying IPv6 and RFC 1918 standards.
• Collaborate with Telecommunications Engineers and business owners to ensure secure and efficient network configurations.
• Utilize Splunk for log analysis, security event correlation, and compliance reporting.
• Administer and troubleshoot Windows, Unix/Linux, and Cisco environments to support operational continuity.
• Perform network device configuration and rule management across routers, switches, and firewalls.
• Research and recommend security improvements, leveraging AI and LLM-based analytics to ensure regulatory compliance, detect anomalies, and track remediation efforts.
• Support nationwide firewall deployments, including validation, testing, and ongoing rule management—transitioning from manual processes to AI-driven data analysis for identifying trends and informing policy.
• Monitor and maintain network visibility using Armis Centrix and other network discovery tools.
• Lead and participate in Change, Incident, and Problem Management processes to ensure service reliability and adherence to operational standards.
• Create and maintain comprehensive technical documentation, and provide knowledge transfer to team members and stakeholders.

Requirements

Required Skills

• Bachelor’s degree in Computer Science, IT, Security, or related field, OR equivalent experience
• 11+ years of IT, data, operational analysis, and/or security experience
• Expertise with firewall operations, configuration, and compliance review
• Proficiency with Cisco, Juniper, and Fortinet network devices
• Knowledge of IPv6, RFC 1918, and Splunk reporting
• Windows, Unix, and Cisco administration skills
• Experience with network discovery tools
• Strong communication and documentation abilities

Desired Skills:

• Proven ability to integrate AI/LLM tools into network security workflows
• Familiarity with risk mitigation strategies and success metrics tracking
• Change, incident, and problem management experience

Skill(s)

   CompTIA Network+, Cisco Certified Network Associate (CCNA), Sec+

Benefits

• Insurance — health, dental, and vision
• PTO and 11 Federal Holidays
• 401(k) employer match

Travel

None