Lead Network Security Engineer

The Network Security Engineer will be responsible for developing recommendations related to maintaining, monitoring, troubleshooting, and optimizing the network infrastructure and cybersecurity tools that supports the safe and efficient operation of the client's transportation systems. The role focuses on network devices, security tools, and communication links within and between Transportation Management Centers (TMCs), and headquarters.This position requires a strong understanding of core networking and cybersecurity principles, best practices, and a demonstrated interest in intelligent transportation technologies.Key ResponsibilitiesDevelop and Implement Backup StrategyDesign and Implement an Asset Inventory and Management ProgramEnable and Centralize LoggingEliminate shared passwords and deploy password management solutionDeploy vulnerability scanning on OT infrastructureDraft Initial Continuity of Operations Plan (COOP)Respond to and resolve network incidents, including connectivity issues, performance degradation, and security alerts.Perform routine maintenance tasks such as firmware updates, configuration backups, and equipment replacement support.Assist in the configuration and management of firewalls, intrusion detection and prevention systems (IDS/IPS), and other security appliances.Document network configurations, standard procedures, and operational guidance.Support vulnerability scanning and remediation efforts.Assist maturing the cybersecurity incident response plans.Prepare detailed reports of security incidents and network anomalies for appropriate authorities, including the FBI and headquarters.Work closely with client lead and other cybersecurity team members to support security and compliance.Collaborate to support the integration of new intelligent transportation system devices and applications.Minimum QualificationsBachelor's degree in computer science, information technology, or a related field, or equivalent experience.Strong understanding of TCP/IP, routing, switching, and network security principles.Proficiency configuring and troubleshooting LANs, VLANs, trunks, spanning tree, IP subnetting, routing protocols, and wireless networkingProven experience in network administration and troubleshooting.Ability to perform and analyze packet traces.Proficiency with firewalls to configure and troubleshoot security rules, NAT, threat protection, and loggingExperience with IDS/IPS and SIEM tools, security event triage, and escalation.Familiarity with network monitoring tools.Familiarity with vulnerability scanning tools.Excellent problem-solving and communication skills.Display a strong grasp of key cybersecurity and IT concepts such as:Cloud Concepts: SaaS, IaaS, PaaS, hybrid, on premisesCybersecurity Principles: defense in depth, least privilege, CIA triadCybersecurity Technology: NAC systems, next-generation firewalls, VPNs, micro segmentation, IAM, vulnerability management, encryptionIT principles: High availability, clustering, failover, single point of failure, dynamic routing, classification, taggingServer and Compute: Client Server, virtualization, clustering, failover, backups, imagingA strong desire to learn and grow within the field of intelligent transportation systems.Preferred QualificationsData classification principles and enforcementUnderstanding of cybersecurity frameworks such as NIST CSF, CIS Critical ControlsExperience supporting operational technology or critical infrastructure environments.Experience working with distributed networks that support transportation, public sector, industrial, or field-based operations.Familiarity with cybersecurity incident response and escalation procedures.Experience balancing network security requirements with system availability and operational continuity.Hands-on familiarity with modern network security monitoring, event analysis, and infrastructure documentation practices.Core Knowledge AreasT CP/IP networking, subnetting, routing, and switching.VLAN design, segmentation, and troubleshooting.Network security fundamentals, including firewalls, IDS/IPS, access control, and secure configuration.SIEM monitoring, security event triage, and escalation.Network performance monitoring and availability management.Threat intelligence integration and operational awareness.Incident response support for network disruptions, malicious activity, and denial-of-service conditions.Documentation of network topology, procedures, and configurations.Collaboration with cybersecurity, operations, and engineering teams in a mission-critical environment.Work Environment and ExpectationsProven ability to work independently and to carry out assignments to completion within parameters of instruction given, prescribed routines and standard accepted practicesExperience working within an enterprise change control process.Must be able to work under pressure and meet deadlines, while maintaining a professional attitude and providing exemplary customer serviceStrong analytical/problem solving skillsArticulate verbal and written communication skillsComputer Proficiency in MS Office SuiteAbility to create legible Visio diagrams of IT and security systemsThe majority of these services are expected to be provided in a Hybrid work environmentThe position supports operationally important transportation environments and requires strong coordination with security, operations, and engineering stakeholders.The successful candidate must be able to communicate clearly, solve problems methodically, and operate effectively in a high-availability environment where uptime, safety, and security are all important considerations.