Benefits:

401(k)

Dental insurance

Health insurance

AlxTel is looking for one (1) Senior Network Security Engineer to support the planning, engineering, implementation, and troubleshooting of secure, scalable, and stable 24x7 network infrastructure. The engineer will be embedded within the IT department and will contribute to both operational support and project-based security engineering.

✅ Key Responsibilities

The selected Network Security Engineer will be expected to:

Proactively identify organizational security requirements and design solutions accordingly.

Execute project-based tasks including design, engineering, installation, and troubleshooting of secure network systems.

Assess, plan, and implement secure networking environments.

Create detailed graphical and textual design documentation.

Support capacity planning, monitoring, and maintenance of secure data communications.

Lead or support the migration of legacy systems to modern security platforms and architectures.

Assist engineers in troubleshooting network security threats and critical problems.

Enforce configuration standards, change management policies, and operational procedures.

Lead and coordinate team activities, ensuring timely problem resolution.

Generate and deliver weekly project status reports.

Host regular team/project meetings as necessary.

🎓 Required Qualifications

The proposed resource must meet the following minimum qualifications:

Associate degree in an Information Technology (IT)-related field.

Active certifications:

Palo Alto Networks Certified Network Security Engineer (PCNSE)

Cisco Certified Network Professional (CCNP) – either Enterprise or Security track.

🌟 Preferred Qualifications

Bachelor’s degree in an IT-related field.

10 years of hands-on IT networking and security experience.

Current certifications:

Prisma Certified Cloud Security Engineer (PCCSE) – Palo Alto Cisco Certified Internetwork Expert (CCIE) – Enterprise Infrastructure or Security

💡 Desired Technical Skills & Experience

Minimum 5 years working with:

Palo Alto next-gen firewalls (NGFWs)

Intrusion Detection & Prevention Systems (IDPS)

Content filtering

VPNs (including IPsec and SSL)

Data Loss Prevention (DLP)

TLS/SSL Inspection

Minimum 4 years with Cisco switching, routing, and wireless.

Minimum 3 years working with:

A10 Networks for reverse proxy and load balancing

Minimum 2 years of experience in:

Cisco ISE, Free Radius, and ACLs for access control

General technical competencies in:

Microsoft MFA implementations

Cloud-based security and networking

802.1x authentication (wired/wireless)

EIGRP, OSPF, BGP routing protocols

Data Center micro-segmentation

PKI and certificate lifecycle management

Vulnerability tools (Nessus, NMAP, etc.)

Packet analysis tools (Wireshark, Riverbed, Opnet)

Centralized management platforms (Panorama, SolarWinds)

Working knowledge of Windows, Linux, and Unix platforms

Soft skills:

Independent problem-solving and troubleshooting

Ability to mentor junior staff

Clear communication and technical documentation skills

🧑‍💼 Work Location & Hybrid Schedule

Initial schedule: 3 days onsite, 2 days remote (Mon–Fri).

Post-performance review: May shift to 2 days onsite, 3 days remote.

On-site location is in Annapolis, MD.

Must be able to report onsite within 4 hours when requested.

Remote work from outside the U.S. is not permitted.

⏰ Working Hours

Standard work hours: 8:00 AM – 4:30 PM ET, Mon–Fri.

Must be available to work flexible hours (evenings, weekends, holidays) as required.

Annual work cap: 2,040 hours.

📅 Onboarding & Training

A 2 to 4 week training period will be provided at the start of the assignment.