Job Information
Mathematica Senior Infrastructure Engineer (Network Security) (hybrid/in-office) (Princeton, NJ) in Princeton, New Jersey
Position Description: Mathematica applies expertise at the intersection of technology, data, methods, policy, and practice to improve well-being around the world. We collaborate closely with public- and private-sector partners to translate big questions into deep insights that improve programs, refine strategies, and enhance understanding using technology and advanced analytics. Our work yields actionable information to guide decisions in wide-ranging policy areas, from health, education, early childhood, and family support to nutrition, employment, disability, and international development. Mathematica offers our employees competitive salaries, and a comprehensive benefits package, as well as the advantages of being 100 percent employee owned. As an employee stock owner, you will experience financial benefits of ESOP holdings that have increased in tandem with the company’s growth and financial strength. You will also be part of an independent, employee-owned firm that is able to define and further our mission, enhance our quality and accountability, and steadily grow our financial strength. Read more about our benefits here: https://www.mathematica.org/career-opportunities/benefits-at-a-glance
We are growing our IT infrastructure security team and are looking for an experienced Senior Infrastructure Engineer (Network Security) to join our Princeton, NJ headquarters (working in the office three days per week). Their responsibility will span the entire network infrastructure security technology stack from design through delivery. The candidate will continually expand their knowledge and experience with the latest infrastructure security technologies while working in a collegial environment. The position is part of a larger team supporting the Mathematica’s LAN/WAN security infrastructure.
Responsibilities:*
- Design, implement and support short- and long-term strategic plans to ensure local and wide area network capacity meets existing and future requirements. This will include both physical and cloud IaaS (Infrastructure as a Service) technologies.
- Develop and deploy rigorous methodologies for testing network performance and providing network performance statistics and reports.
- Practice network asset management, including maintenance of network component inventory and related documentation.
- Provide support for weekly meeting and committees including weekly Vulnerability and Risk Management meetings.
- Coordinate with other teams, partners, vendors and other technical staff for larger architecture and support functions that support the entire organization.
Position Requirements:
- Bachelor’s degree in a computer related field, such as programming, computer science, engineering, or other related degree. Equivalent training and work experience may also be taken into consideration
- 5+ years of hands-on Cisco Network & Security implementation experience administering and configuring enterprise-wide LANs, WANs, WLANs, VPNs, Controller-based Lightweight AP’s.
- Advanced experience managing and troubleshooting Network Security devices and tools, specifically Adaptive Security Appliances (ASA), Firepower Threat Device (FTD), Firepower Management Console (FMC), Cisco Identity & Security Engine (ISE) and DNAC.
- Experience in design and deployment of Cisco Wireless Lan Controllers and Identity Service Engine (ISE).
- Excellent knowledge of Cisco routing and switching technologies including BGP (Border Gateway Protocol).
- Hands-on experience in designing, supporting, and configuring enterprise networking (Cisco Nexus 9000), Point to point WAN, BGP, Cisco VPN, Cisco Wireless, etc., switches, firewalls, and wireless networks such as Nexus 9000, 9400, and 4500 Switches
- Knowledge and experience implementing Quality of Service (QoS).
- Extensive design and support experience with network monitoring applications.
- Managing and ensuring optimal operation of all network hardware and equipment, including routers, switches, wireless, etc. in a hybrid networking environment (physical and cloud).
- Ability to multi-task, prioritize and manage multiple complex projects from inception through completion.
- Ability to learn quickly and comprehend technical as well as business concepts.
- Ability to present technically advanced ideas in non-technical language.
- Ability to research networking issues and products as required.
- Actively work with department technical and business colleagues to ensure optimal technology solutions for the business needs.
- Manage and provide technical guidance, project plans to members of the team. *Preferred experience:
* This experience is preferred but not required. * Technical knowledge of designing and supporting cloud networking environments (AWS, Direct Connect, VPC, Transit gateways, NAT gateways, Network Load Balancers) * Industry recognized Certifications such as CCNP, CISSP, CCIE
This position offers an anticipated annual base salary range of $100,000 - $130,000. This position may be eligible for a discretionary bonus based on company and individual performance.
As a federal government contractor, all staff working in our central ITS group with access to corporate computer systems are required to successfully undergo a background investigation or security clearance as a condition of employment.
STAFFING AGENCIES AND THIRD-PARTY RECRUITERS: Mathematica is not accepting candidates for this role or any technical role from staffing agencies or third-party recruiters. Please do not contact technical or senior staff at Mathematica or share unsolicited resumes. All agency inquiries go through the talent acquisition team and will be routed accordingly. *
* * Available Locations:* Princeton, NJ
#LI-NN1
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.