Edgewater Federal Solutions is seeking a Principal Network & Systems Engineer to support the Department of Energy Operations Office in Idaho Falls, ID. 

Enterprise Network, Security, Wireless Architecture & Engineering

• Architect, design, implement, and maintain DOEIDs enterprise network across core, distribution, edge, and data center layers, ensuring scalability, redundancy, and long-term alignment with organizational infrastructure strategy.
• Engineer and administer advanced routing and switching platforms, including EIGRP, OSPFv3, IPv6, VLAN segmentation, inter-VLAN routing, trunking, and highavailability designs.
• Serve as the primary architect and administrator for Palo Alto NextGeneration Firewalls (NGFW), including security policy architecture, URL filtering, threat prevention, SSL decryption, logging integrations, and zerotrust access enforcement.
• Lead and maintain the enterprise remoteaccess environment using Palo Alto GlobalProtect, including authentication integration, device posture checks, and certificatebased access controls.
• Design and implement zerotrust networking principles across critical systems, integrating firewall segmentation, identitybased access controls, and continuous trust verification.
• Administer and optimize Cisco wireless systems, including controllerbased WLANs, SSID and authentication design, RF tuning, security policy enforcement, and enterprise guest wireless.
• Oversee enterprise monitoring and network health using system dashboards, telemetry, trending, packetlevel diagnostics, and event correlation to ensure performance, reliability, and immediate visibility of issues.
• Lead modernization initiatives for network, wireless, and firewall architectures, including equipment refreshes, policy redesign, IPv6 rollout, and backbone upgrades.
• Serve as the primary escalation point for complex network, wireless, and firewall issues requiring seniorlevel architectural analysis.

Network Team Lead & Work Direction

• Serve as the Network Team Lead, providing daily technical direction, prioritization, and task assignment for junior and midlevel network engineers. 1
• Mentor team members in advanced networking, routing, firewall policy design, troubleshooting methodology, and enterprise architecture principles.
• Oversee quality assurance for network changes, configurations, and architecture designs to ensure compliance with DOE standards and best practices.
• Act as primary escalation point for complex networking issues requiring seniorlevel expertise.
• Coordinate work distribution, project responsibilities, and technical execution across the network engineering team.
• Provide training and handson guidance to new engineers, including platform-specific instruction (Cisco, Palo Alto, Infoblox, ISE, etc.).
• Collaborate with cross-functional and interagency teams to align network engineering activities with enterprise architecture goals.

Identity, Access, and Authentication Systems

• Serve as primary administrator for Cisco Identity Services Engine (ISE) including RADIUS, TACACS, 802.1X, guest wireless, and certificate-based enforcement.

DNS, DHCP, and IP Address Management Architecture

• Serve as primary administrator for Infoblox DDI (DNS, DHCP, IPAM).
• Maintain and maintain NIOS grid configurations including grid member health, grid services, licenses, and failover/HA strategies.
• Configure and maintain DNS authoritative and recursive services including zone management, forwarders, delegations, DNSEEC -related requirements, and RPZ policies.
• Engineer and maintain DNCP Scopes, DHCPv4/v6 pools, reservations, failover configuration, split scopes and address management policy supporting both IPv4 and IPv6 architectures.
• Manage the enterprise IP Address Management platform, ensuring effect subnet design, hierarchy, and usage tracking.

Data Center Architecture and Infrastructure Engineering

• Serve as Data Center Architect and Engineer for rack design, cabling, hardware installations, power and cooling considerations.

Cybersecurity, Compliance & Incident Response

• Perform cyber incident response, investigations and reporting.
• Ensure compliance with DOE Orders, DOE-Idaho Policy and enterprise best-practices.

System Administration

• Management and maintain network support servers and systems including Delinea Secret Server, F5 Load balancers Cerberus SFTP, Syslog servers, Nessus Agents, Tenable Vulnerability Management

• Bachelors degree in Computer Science, IS, Engineering, or equivalent experience.
• 7+ years in advanced network and systems engineering roles
• Expertise in routing, switching, identity systems, Palo Alto platforms and IPAM
• Experience with DOE directive and federal compliance.