Senior Firewall Network Engineer – University Information Services – Georgetown University

Georgetown University

Washington, DC

ID: 7117744
Posted: December 9, 2022
Application Deadline: Open Until Filled

Job Description

Senior Firewall Network Engineer – University Information Services – Georgetown University
Job Overview
The Senior Firewall Network Engineer leads the firewall design, configuration, and troubleshooting for the network backbone and edge network engineering team. This role is responsible for the design, planning, scalability, deployment, performance, and operation of our Firewall network. This position drives our security strategy and advances our security operations for WiFi, Internet, Data Center, and Cloud for all GU sites including Main, Medical, Law, offices in DC, and our network equipment for our location in Doha, Qatar.
The Network Operations and Engineering (INO) team supports our software and hardware networks, daily functions, ticketing, on-call, troubleshooting, maintenance, and installation and management of network and information security infrastructure including routers, switches, firewalls, and VPNs. INO is responsible for ensuring all network components are at consistent releases of software and firmware and have been patched for security. This team manages network services including DHCP, firewall rules, and network access control lists (ACLs). This position works closely and in collaboration with the Information Security Office. INO has primary responsibility for the engineering design, implementation, and operational maintenance of the University’s $50M network.
The INO team manages and provides support for the University’s integrated network (wired, wireless, data, telecommunications), data center production control for academic and administrative processing, systems management of enterprise server infrastructure, and facilities infrastructure project management.
To achieve this goal, NCS focuses on the following strategies:
reduce system downtime and increase operating efficiencies by ensuring that management of all systems and services follow defined standards and operating procedures and that all problems are resolved in a timely manner
prioritizing activities using a goal-driven process that, in combination with external benchmarking and research, attempts to maximize the mapping of our team’s activities to user-prioritized, business goals (i.e., we strive to work on the highest value activities while saying ‘no’ to lower value distractions)
increasing collaboration at all levels (e.g., within and between teams, with other UIS divisions, and with our user communities)
The Senior Firewall Network Engineer manages the Georgetown University enterprise network, which includes university capital and non-capital assets (switches, routers, gateways, cabling, servers, and software licenses) that exceed $40M in value.
They manage the critical enterprise network and voice systems and carry a cell phone for managing and participating in the resolution, communication, and escalation of system events and outages. As well, they work off-hours in the early mornings and late evenings to accommodate the requirements of the change management procedures.
Work Interactions
Reporting to the Senior Engineer Manager, the Senior Firewall Network Engineer is accountable to the AVP, Systems Engineering and Operations, works directly with network managers at other schools, technical and non-technical staff within UIS; and with our customers, typically department heads and their administrators.
Master’s degree in Computer Science, Management Information Systems, or work-related discipline/field from an accredited college or university [note: equivalent field experience will be considered]
8-10 years of experience – preference for 15 years of experience
Experience in selecting, testing, and deploying networking hardware and software.
Experience with ISP and Internet-scale networking, optical/DWDM, CDN, edge network security
Background in building and operating large-scale backbone and edge networks.
Ability to understand scripts and programs for automation, tools, frameworks, dashboards, and alarms (common uses: Python, Go)
Expert level knowledge in large-scale IP networking technologies and protocols such as MP-BGP, OSPF, ISIS, VRF, VxLAN, EVPN, QoS, GRE, IP SEC, DNS, and MACsec.
Experience with using software development to operate or deploy a large network. 5+ years of experience using Ansible, Python, YAML, or NETCONF/YANG.
Proficiency with various networking vendors such as Palo Alto and Cisco
Willingness and availability to carry a cell phone – and to work off-hours in the early mornings and late evenings – for duties as described above
Preferred qualifications
Cisco CCNP or CCIE certification
Experience managing voice systems PBX and IP telephony
Experience with tools such as Cisco Prime, Nagios, and SolarWinds
Experience in Systems Programming/Development