Computer Technologies Consultants (CTC) is seeking a Network Engineer to support the Congressional Budget Office (CBO) in Washington, DC.
Why Should You Be Interested?
- Direct hire full-time position
- Competitive base salary and comprehensive benefits
- Mid-size company with room for growth
Position Title: Network Engineer
Position Location: Washington, DC.
Daily Responsibilities:- Implement and maintain network security controls aligned with NIST SP 800-53, including access control (AC), configuration management (CM), system and communications protection (SC), and audit and accountability (AU) control families.
- Enforce Zero Trust network architecture principles in accordance with NIST SP 800-207, including network segmentation, micro-segmentation, and continuous verification of users and devices.
- Design and implement least-privilege network access controls, ensuring role-based and identity- aware access across all network layers.
- Manage 802.1X port-based network access control to prevent unauthorized device connectivity and enforce authentication at the network edge.
- Configure/maintain centralized logging and audit capabilities for all network devices, ensuring logs are forwarded to SIEM platforms and retained in accordance with compliance requirements.
- Conduct continuous monitoring and vulnerability assessments of network infrastructure, identifying risks and coordinating remediation in alignment with NIST Risk Management Framework (RMF) practices.
- Harden all network devices using secure configuration baselines (e.g., Cisco Secure Configuration Guides), including disabling unnecessary services, enforcing strong encryption protocols, and securing management interfaces.
- Secure public-facing and perimeter network assets by implementing strict ingress/egress filtering, firewall rule optimization, and multi-factor authentication for administrative access.
- Support incident response activities by providing network-level analysis, containment actions (e.g., segmentation, blocking malicious traffic), and forensic data collection.
- Establish and maintain secure network segmentation strategies to limit lateral movement and protect high-value assets and sensitive environments.
- Ensure all network changes follow formal change control processes with security impact analysis, supporting compliance with NIST configuration management requirements.
- Develop, implement, and maintain Network SOPs; review and update all SOPs on at least an annual basis or as required to reflect changes in technology, policy, or security requirements
Required Years of Experience (min):
- Five years relevant experience
Required Degree/Certifications:
- Bachelor's degree or equivalent experience
Required Experience & Expertise in the following areas:
- Experience supporting Cisco-based enterprise network infrastructure across core, distribution, access, and edge environments, including routing, switching, VLANs, VPNs, DNS/DHCP, firewall management, and performance optimization.
- Experience applying NIST SP 800-53 and NIST SP 800-207 concepts to network security controls, Zero Trust Architecture, segmentation, micro-segmentation, least-privilege access, identity-aware networking, and 802.1X network access control.
- Knowledge of vulnerability management, secure device hardening, RMF-aligned remediation, compliance monitoring, risk mitigation, and security assessment support.
- Experience supporting network security operations, including centralized logging, SIEM integration, continuous monitoring, incident response, forensic support, root cause analysis, and remediation.
- Experience maintaining secure network environments through configuration management, patch and firmware management, change control, secure configuration baselines, and operational continuity practices.
- Ability to maintain network documentation, including SOPs, configuration baselines, asset inventories, network diagrams, and technical procedures, and serve as a technical adviser for complicated service desk tickets and network modifications.
Required Clearance:
- Public Trust Tier 2 clearance level and background check.
Pay InformationFull-Time Salary Range: TBD
Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.