Network Manager

Network Manager

Boston, MAJoin our Talent Network

Chenega Technical Innovations is currently seeking talented individuals to add to our Talent Network.

Network Manager

Summary: The Network Manager will oversee the network team, monitors existing network infrastructure and ensure proper operation of all wired and wireless network equipment from a variety of vendors, to include Cisco, Nortel/Avaya, Brocade, Juniper and Aruba. This includes installing, managing, maintaining and troubleshooting data network systems, including GigE, switching, hubs, routing, mobile/wireless technology, protocols and protocol analyzers.

Duties and Responsibilities:

Maintain network at 99% or higher availability rate.

Identify, troubleshoot and repair complex network problems.

Provide Information Assurance (IA) support to ensure all network specific hardware meets standard configurations guidelines per DoD Security Technical Implementation Guides (STIGs) and receive all Information Assurance Vulnerability Alert (IAVA) security updates.

Update and maintain network architecture diagram and provide technical assistance for the DoD Certification and Accreditation Training and Certification Process (DIACAP) and Risk Management Framework (RMF) accreditations.

Coordinate and work closely with customer resources and configuration managers to manage and implement any changes to the architecture and monitor and troubleshoot communication issues.

Perform surveys, analyst and evaluate the performance and functionality of the customer backbone infrastructure; provide recommendations on improving performance and functionality.

Rapidly detect and resolve component and system failures and errors; operate and maintain the network and systems; install and replace network software and hardware; manage and administrator IDs, password and user profiles; and perform maintenance, including following power-off procedures to protect the system during emergency situations.

Process service orders (program switch, update assignments, extend service to customer) and Service Requests (test, troubleshoot and repair) for all approved Moves, Adds, and Changes (MAC) requirements.

Provide Service Desk / systems management data to trend analysis and service order performance.

Perform management of Data Network Services to support Joint Regional Security Stack (JRSS) equipment. Provide and analyze network utilization reports on a weekly basis to include circuit utilization, and top talkers, with detail of any anomalies found. Use tools including Solarwinds and Regional tools.

Provide local common-user Local Area Network (LAN) and Installation Campus Area Network (ICAN) touch labor for classified and unclassified networks (troubleshooting, repairing, etc.)

Manage dynamic allocation of Internet Protocol (IP) address space. Assign and maintain IP address database using Dynamic Host Configuration Protocol (DHCP) or Static IP Addressing. Develop and modify IP Assignment Schema as required. Monitor IP address utilization. Support Availability is 0700-1700 daily on non-holiday workday.

Apply the principles of port security through the use of 802.1x standard and other methods to harden the ICAN. Configure switches to utilize port security. Analyze issues and apply remediation.

Operate and maintain common core (backbone infrastructure) for voice/telephony network infrastructure equipment.

Operate and maintain common core (backbone infrastructure) network infrastructure equipment. This applies to the basic network and components and all subsequent phases and additions implemented.

Manage and maintain connection to external networks. Monitor the ICAN and LAN's by utilizing enterprise management software including Solarwinds, Riverbed, and eHealth to monitor network performance, analyze network activity, and maintain network availability. Perform network discovery and conduct fault analysis as applicable.

Analyze and evaluate the performance and functionality of the NSSC backbone infrastructure; recommend methods to resolve problems and improve performance. Provide the following: rapid detection and resolution of failures and component errors; routine network software and hardware installation and replacement.

Conduct event management on network infrastructure and monitor services. Restore critical automation services and data in event of disaster. Ensure backups of configurations, logs, software keys and updated versions, and systems are performed, and they are tested on a regular basis.

Design, engineer and configure, the common user building IT infrastructure to support voice and video. This includes the layers 1 through 7 of the Open Systems Interconnection (OSI) Basic Reference Model for common user voice/video networks or layers 1 through 4 of the OSI Basic Reference Model.

Maintain configuration management in the implementation of software upgrades. Provide technical input in establishing plans and SOP's for specific O&M routines. Recommend improvements to O&M methods, procedures and conventions.

Perform lifecycle replacement of network hardware using Government-Furnished Equipment (GFE). Return and replace failed network equipment through use of a Return Materials Authorization (RMA). Maintain and manage the lifecycle of all GFE in the Campus Area Network (CAN).

Support Network Modernization CONUS (NETMOD-C) fielding activities to include planning, coordination with installation tenants, multiple Authorized Service Interruptions, and replacement of existing hardware. Network Modernization is Command directed and Natick is on the schedule for FY19-20.

Analyze new or proposed system technologies, methods, or techniques and advise on the planning, development and implementation of new systems and procedures for operation in a worldwide user community.

Review and analyze network events, OPORDS, and emerging cyber threats and develop solutions and strategies to ensure survivability of Army networks against attacks aimed at disrupting services, gaining unauthorized access or violating the integrity of Army Information systems.

Provide an installation network security De-Militarized Zone (DMZ) IAW tenant SLA, to protect installation assets, to include life cycle management of IA enclave devices and other equipment that is under full control of the NEC-N/ DOIM/ R-CCC. Support the overall Army IA architecture by ensuring that publicly accessible information is provided through proxy services and confined to public DMZs

Respond to applicable OPORDS, TASKORDs, WARNORD's, Taskers, and other Requests for Information within the published deadlines. Analyze proposed ASI's and respond to the POC if the timing or action creates risk to the Installation Campus Area Network.

Perform on-site support to Install, configure and troubleshoot Mission funded firewall hardware and software. Maintain a complete and accurate list of Ports, Protocols, Services (PPS) for the installation; work with the appropriate Government agency/authority to request and manage necessary PPS requests for applications or requirements. Track and maintain a full list of PPS requests. Process and/or Implement PPS CR's for Army organizations.

Maintain insight of Enterprise firewall configurations and alerts; monitor attacks; and review audit logs to determine anomalies and report them to the Network Information Division (NID) Chief. Ensure Read Only or better access to Enterprise firewalls. Monitor all firewall rule sets to ensure submitted changes are accurate and properly entered. Perform changes on local managed Mission Funded firewalls IAW change management process. Analyze and request changes on other firewalls as required, through the proper channels.

Install, configure, and troubleshoot Mission funded web proxy devices for mission partners and networks. Ensure web proxy devices are operating appropriately. Monitor and troubleshoot connection issues relevant to web proxy traffic flow or site access. Request changes to proxy devices to ensure access to resources is permitted for authorized sites and services.

Install, configure, operate and maintain a Mission funded Virtual Private Network (VPN) server capability for remote broadband network access from remote locations for point to point VPN tunnel. Install, configure and troubleshoot site to site and Stand-Alone VPN equipment. Plan for surge and fluctuations in VPN demand to match available VPN licenses.

Ensure software licensing does not lapse and the hardware and software remains in a hardened state IAW STIG's. Ensure new STIG's are deployed within 30 days of release unless otherwise required to ensure system hardening. Ensure that all IAVAs are evaluated and applied.

Create and Maintain complete and accurate documentationto include current and historical user/device assignments, fiber interface/connection diagrams, hardware network diagrams, and any diagram that represents a view of the technology used in the network topology to include LAN's, CAN, Wide Area Network (WAN) connection, and what the data paths are. Ensure dead pairs of fiber are marked and are designated in relevant diagrams as appropriate. Update diagrams as change occurs and ensure Contractors performing changes submit "As Built" diagrams as a condition of the contract.

Operate and maintain DA or local regulation directed circuits supporting fire alarms, intrusion alarms, elevator emergency intercoms, telemetry, and other safety/security systems and monitoring/control systems (e.g., water, fuel, command destruct transmitters, read back receivers, range operations, flight termination equipment/software).

Operate and maintain Wireless Network Infrastructure as part of the existing installation infrastructure. Ensure proper operation of wireless network equipment from potential vendors such as Cisco or Aruba. Provide local common-user LAN and ICAN touch labor (troubleshooting, repairing, etc.)

Utilize wireless scanning tools to locate, identify and mitigate unauthorized wireless intrusion/access points/rogue wireless access points found within the boundary of the Installation. Design, install, configure, maintain and operate Wireless Intrusion Detection Sensors (WIDS) access points as part of the wireless infrastructure on the installation. Utilize WIDS and other tools to support frequency management.

Provide technical support for Video Teleconference (VTC) as a managed network service on the unclassified and classified (up to SECRET) networks.

Design, engineer and develop for Government approval, specifications for network equipment in support of Military Construction Army (MCA) projects, Unspecified Minor Military Construction Army (UMMCA) projects, and local minor construction/ renovation/expansion projects. Update and maintain installation network standards utilized in the solicitation or contractual documents.

Provide local touch labor (troubleshooting, repairing, etc.) for R-CCC WAN assets.

Follow all NEC policies, procedures, and other applicable regulations.

Maintain currency in technology and service offerings.

Other duties as assigned

Minimum qualifications:

A Bachelor's Degree is required. 4 years of relevant experience, or a combination of experience and training, may be used in lieu of a degree.

7 years or more of Network Administration/Engineering or related experience required.

2 years or more experience in leading a team of three or more staff.

Possess Baseline and Full Computing Environment Certifications for IAT-II IAW DoD 8570.01-M and BBP 05-PR-M-0002.

Must have CCNA or BCNE

Must have SSBI with Tier 5 investigation

Secret Clearance

Join our Talent Network

Similar searches: Full Time, Government and Public Services, Management