
Cloud Network Security Subject Matter Expert (SME) at NexGen Data Systems

Location Information: DHA Remote

Description:

NexGen Data Systems is seeking a highly skilled and experienced Cloud Network Security Subject Matter Expert (SME) to support our Cyber Security Engineering & Design team. In this critical role, you will be responsible for designing, implementing, and maintaining secure cloud network solutions, evaluating emerging technologies, and providing technical leadership across a multi-vendor enterprise environment. You will be a key contributor to our efforts in securing both cloud and on-premise infrastructure, supporting migrations, and ensuring compliance with DoD security directives. This role is fully remote.

Roles & Responsibilities:

Network Security Engineering & Design: Develop, engineer, and document emerging technology solutions across a multi-vendor platform to support an enterprise security architecture, including those for commercial and GOV cloud environments (Amazon, Microsoft Azure, and Oracle). This includes, but is not limited to, Web Application Firewalls (WAF), Network Access Control (NAC), malware/zero-day detection, SSL decryption, packet brokers, machine learning behavioral analysis, application-aware firewalls, enterprise log analysis, and intrusion detection systems.
Cloud Security Implementation: Design, deploy, upgrade, and support security components in a hybrid cloud network, including firewalls, routers, VPN devices, load balancers, and WAFs. Configure and maintain cloud-native security components such as network security groups, security lists, and network access control lists (ACLs).
Automation & Scripting: Leverage scripting and automation technologies (Python, PowerShell, F5 iRules) to simplify and streamline deployment and operations tasks.
Troubleshooting & Optimization: Troubleshoot and analyze server performance, workload distribution, and component sizing in a cloud environment. Assist with the implementation and optimization of server monitoring tools to maintain visibility on key metrics.
Network Connectivity: Extend on-premise networks to the cloud over direct connect and private gateways.
Security Expertise: Support migrations of various applications (commercial and custom) to the cloud environment, ensuring appropriate security posture with firewalls, WAFs, and other security devices. Provide expertise in Transport Layer Security (TLS) decryption and inspection.
Collaboration & Leadership: Collaborate with other Network and Security SMEs to accomplish tasks, design and assist sustainment/deployment engineers, and serve as a resource for the Cloud Network Engineer team. Participate in team meetings and provide status reports.
Documentation & Training: Develop and maintain comprehensive documentation to support projects. Create educational materials for operational teams and conduct instructional sessions for deployment and sustainment staff.
Business Planning & Compliance: Participate in business planning meetings to recommend technical solutions that meet capacity, scalability, and performance requirements. Adhere to change management policies and ensure compliance with DoD security directives and FIPS 140-2 requirements.
Knowledge Sharing: Proactively share technical and non-technical knowledge to improve team skills and foster cohesiveness. Seek opportunities for professional development through certifications, training, or conferences.

Other Duties:

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

Requirements

Desired/Required Skills:

Bachelor of Science degree in Computer Science, Math, or Engineering field, or equivalent experience (5-7 years in a network engineering or telecommunications environment).
Top Secret security clearance is required.
OS Certification (CCNA or higher) required; equivalent knowledge to a CCNP certification level.
8140 Requirement: Engineering – IAT Level II (One of CCNA Security, CySA+, GICSP, GSEC, Security+ CE or SSCP) – able to obtain both OS and Security Certifications.
Minimum 10 years Network Administration experience (Cisco, Palo Alto, F5, Fidelis, etc.).
Minimum 4 years of experience working on enterprise-sized networks.
Minimum 3 years of F5 experience (SSLO, ASM, C3D, LTM, GSLB).
Experience working with Network Automation frameworks (NetMiko, Napalm, Pandevice).
Cloud management and security (IAM, Azure Active Directory, AWS Key Management Service, Azure Encryption models).
Cloud networking technologies (Transit Gateway, Customer Gateways, Virtual Private Gateways, Internet Gateways, Peering, MeetMe, UDR, ExpressRoute).
Native cloud security tools (Azure Security Center, Azure Virtual Network TAP, Azure Log, AWS logging and CloudWatch), and non-native cloud security tools.
Experience with Application Programming Interfaces (API) of various network devices.
Cloud automation utilizing Java, Jenkins, Python, PowerShell, DevOps, Code Deploy and Cloud Formation.
Expertise with LAN/WAN technologies throughout a global infrastructure.
Experience in commercial and on-premises private cloud environments (AWS, Azure).
Experience with TCPDump and Wireshark for network traffic analysis.
Experience with implementing Office 365 in an Enterprise environment.
Knowledge of Cisco routers, switches, and firewalls.
Understanding of SaaS and IaaS private cloud connectivity to an Enterprise environment.
Experience with Cisco CSRv1000 and Palo Alto virtual firewalls.
IP Network Design & Troubleshooting Skills.
Understanding of authentication schemes, security assessment, and network management.
Experience designing and deploying network solutions in enterprise environments.
Excellent written and verbal communication skills.
Experience in large-scale enterprise network rollout and support.
Outstanding organizational and time management skills.
Excellent communication and interpersonal abilities.
Reliable with exceptional work ethic.
Detail-oriented with self-motivated attitude.
Collaborative, team focus to support cohesive work team.
Ability to handle competing priorities with high expectations in a team-oriented environment.

About the Company:

NexGen Data Systems is an emerging technologies focused company providing expert systems and network engineering solutions to the Department of Defense. NexGen Data Systems promotes a culture of knowledge and career advancement through continued learning, keeping our team current on the latest advances in systems and networking, and enabling our team to provide the best available solutions to our clients.

Benefits:

Company covers 100% of premiums for the employee’s medical, dental, and vision insurance and subsidizes premiums for spouse and dependents.
Company provides short and long term disability plans.
401(k) match up to 10% of the employee’s salary contributions to 401(k) plan.
Comprehensive training and development program.
11 paid holidays and paid time off (PTO) accrual level starts at 15 days annually.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

NOTE: US Citizens and those authorized to work in the US are encouraged to apply. In order to be qualified for this position, you must be able to obtain and maintain a United States Department of Defense (DoD) security clearance. We are unable to sponsor Visas at this time.

NexGen Data Systems provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws.