Sr. Systems Engineer

in Washington DC, DC

Job #:264819

Practice Area: Technology

Date Posted: 04/11/2018

Share this job  

ettain group has an immediate opening for a Sr. Systems Engineer for its client in Washington D.C.  This is a direct placement position.  

 NO Corp 2 Corp

Job Summary

The Senior Systems Engineer plays a critical role in designing, configuring, maintaining network infrastructure, telephony, systems and software applications and solutions for our client and SRR with a special focus on Information Security. Activities include market research, best practices study, Proof of Concept development, solution comparison matrix analysis, configuration management, system engineering and maintenance, system monitoring, trouble-shooting, change control, end-user training and assistance, desktop support, asset management, account management, content management and system documentation.

Job Responsibilities

To perform this job successfully, an individual must be able to perform each essential duty and responsibility satisfactorily. Reasonable accommodations may be made to enable an individual with disabilities to perform the essential functions. Other duties may be assigned to meet business needs.

• Participate in technical systems design and development; project planning and administration activities.

• Interface and collaborate with Information Security team to validate and implement recommendations into production environment.

• Plan, deploy, configure and implement technologies such as Disk Encryption, Data Masking, Data Obfuscation, etc.

• Responsible for insuring all networks have adequate security to prevent unauthorized access. Experience in configuring firewalls, access control list (ACLs), Network IDS/IPS, Host IDS/IPS, DLP, etc.

• Independently perform Proof of Concept study by working with several vendors, deploying products in test environment, conducting analysis on benefits and suitability, and providing final recommendation to leadership. Ability to prepare reports and present to leadership.

• Maintain patch management for networks and systems with zero-day vulnerability patching across the enterprise using Kace.

• Configure, manage, and troubleshoot network switching equipment, including Cisco layer 3 switches, Cisco routers, Fortinet UTM. Be familiar with basics of routing (static routes and a bit of OSPF).

• Configure and manage Meraki wireless access points, including load monitoring and rebalancing, recommending upgrades/additions as needed. Be familiar with Meraki Wireless control modules.

• Configure and tune monitoring of IT operations using automated monitoring tools (Solarwinds, SCOM, Splunk) and respond to alerts, with proper internal and vendor escalations, including after-hours.

• Act as first line of endpoint decontamination taskforce following a security breach event of client workstations.

• Periodic log and monitoring trends analysis.

• Maintain asset management databases for hardware assets and software licenses; including IP address; DNS zones, etc. Maintain and update an IPAM (IP Address Manager).

Additional Responsibilities

• Develop and maintain working relationships and collaborate with various vendors/other stakeholders.

• Analyze and review existing processes and procedures to determine areas of possible improvement that will lead to gains in efficiency and security.


Job Requirements

To perform this job successfully, an individual should possess the knowledge, skills, and abilities listed and meet the amount of education, training and/or work experience required.

Education and Experience

• Bachelor’s degree or equivalent experience/training preferred.

• Over 10 years of experience in information security with Expertise using and managing firewalls, Network & Host IDS/IPS systems, Network & Host DLP, VPN, web application firewalls (WAFs), OS hardening, multi-factor authentication, encryption key management, database security controls, and network segmentation. Experience with security on Windows systems preferred.

• Over 10 years of experience in network engineering activities.

• Over 2 years of vendor management experience preferred.

Knowledge, Skills, and Abilities

• Ability to translate Information Security recommendations into practical implementation to production environment.

• Expert-level knowledge of Active Directory, including Group Policy creation and management

• Experience with O365 Administration.

• Experience working with leading firewall (such as Fortigate firewalls, Cisco ASA, Sophos UTM, Palo Alto UTM), intrusion detection technologies (SourceFire/Snort, Sophos UTM).

• Experience implementing and managing spam filtering and web filtering solutions (such as ProofPoint).

• Experience managing Windows updates with Kace, WSUS or SCCM

• Experience with 3rd party update management solutions is a plus

• Knowledge of Windows Server 2016, 2012R2, Active Directory, and Group Policy

• Knowledge of securing servers (Linux and Windows); desktop systems (Win7, 10) and networks (Cisco, etc.)

• Knowledge of mobile security and MDM.

• Cloud security concepts and protection. Experience with AWS Security and IDM is a huge plus.

• Knowledge of common application vulnerabilities, current threat vectors and mitigations.

• Experience working with Network Fault and Performance Manager tools (Solarwinds).

• Participate in the enterprise Incident Response Plan and lead incident response activities.

• Understanding of Cisco switch and router configuration, Firewall configuration (Fortinet, Sonicwall, etc).

• Some Microsoft or Linux network administration functions desirable (e.g., MCSE, MCSA, Linux+, Server+ certification) would be nice.

• Ability to work in a team environment. Effective working with matrix teams across organizational structure. Ability to work in collaboration with a variety of stakeholders to identify and discuss issues is key.

• Ability to work with external service providers and vendors.

• Ability to work calmly during stressful circumstances. Strong interpersonal and communication skills.

• Experience with building and troubleshooting Microsoft SQL clusters (AlwaysOn) preferred.

• Ability to work in fast paced environment managing multiple tasks driven by multiple deadlines.

• Must be dependable due to operational nature of work. Occasional, but infrequent off-hours work may be needed to respond to critical operational issues.


• Must be able to obtain or currently possess a U.S. Government clearance at the Public Trust Moderate (MBI) level or higher

• Must be a United States Citizen or a Legal Permanent Resident (LPR) with at least three (3) years of consecutive residence in the United States as indicated on the United States Citizenship and Immigration services (USCIS) LPR issued card

Working Conditions

• Office work environment.

• Occasional off-hours maintenance work.

Job Location

Washington, D.C.

How to Apply

Please apply online

ettain group

ettain group is the talent solutions company dedicated to the best match for people and employment opportunities in IT, healthcare IT and digital creative. Top employers and highly skilled talent throughout the U.S. select ettain group for an unparalleled recruitment experience. Our culture empowers teams to deliver with flexibility based on market intelligence. We recruit resources, own projects and manage programs to offer a wide range of IT development and talent solutions to our clients and candidates. To learn more about ettain group visit To explore job opportunities with ettain group, visit


Apply Now