By Light HQ

IP Network Engineer

Job Locations US-MD-Fort Meade
Posted Date 12 months ago(10/5/2020 9:35 AM)
# of Openings
Tier 3 - Secret/ADP II


By Light seeks an IP Network Engineer with an active Secret clearance to join our team in support of our projected new work with our existing DISA customer. DISA Operations Center, Infrastructure Directorate (IE54) is inheriting the Joint Base Customer Edge (JB-CE) Multiprotocol Label Switching (MPLS) routers that are co-located at most of the DoD military bases, working within the Joint Planning Environment. By Light will provide  the Infrastructure Directorate (IE54) with IP network engineering support for the JB-CE MPLS DISN architecture.


This work will encompasse network engineering support (Tier Level III) to legacy, current, and future DoD and DISA capabilities, services, systems, and Systems-of-Systems (SoS) throughout the acquisition and engineering lifecycle. The IP Network Engineer will perform technical planning, analysis, assessment, and special trade-studies, provide technical recommendations, and perform network engineering, all within regulatory compliance of the JB-CE MPLS DISN architecture.


  • Perform test and certification for both hardware and software
  • Support initial implementation
  • Provide lifecycle engineering of network architecture
  • Provide Information Assurance (IA) testing and assessment support
  • Support mission partners to satisfy the interoperability requirements
  • Investigate and recommend emerging insertion technologies (i.e. new features, capabilities, etc.)
  • Provide operational network and theater Network Operational Center (NOC) escalation support
  • Provide required documentation in support of Configuration Control Boards (CCB) changes as needed
  • Provide lab equipment configuration management
  • Support future DISN architectural changes, such as Software Defined Networking (SDN) provisioning efforts for JB-CE.
  • Document the current system architecture.
  • Document the hardware and software configurations for each site.
  • Document the hardware and software configurations used for lab testing
  • Provide emerging insertion technologies (i.e. new features, capabilities, etc.)
  • Support mission partners to satisfy the interoperability requirements
  • Provide all required documentation in support of Configuration Control Boards (CCB)
  • Provide technical expertise in design review, lab testing & test report, implementation plan and deployment of new advanced large-scale complex DoD networks.  
  • Implement MPLS services offering on the DISN network called IP Transport Provider Edge (IPTPE). MPLS services include L3VPN, L2VPN, VPLS (Virtual Private LAN service) and CsC (Carrier Supporting Carrier). IPTPE platforms tested include Juniper
  • MX960/MX480 and Cisco ASR9010/ASR9006 routers.
  • Perform testing and support implementation of the DMZ COI VPN (part of NIPRNet Hardening project), which provides separation of the NIPRNet traffic and Mission Critical Community of Interest (COI) traffic using the MPLS L3VPN service
  • Reviews security threats to the current DoD NIPRNet/Internet gateway IA infrastructure, architecture, and technology and determines/implements effective countermeasures IAW established policies/regulations/directives
  • Deliver Router and Firewall Test Plans and resulting Test Reports. Prepare field recommendations and Configuration Guides 

Required Experience/Qualifications

  • Bachelor of Science Degree in Networking, Telecommunications, or related area
  • DoD 8570-01-M IAT Level II or higher to include Security+, GSEC, SCNP, SSCP, or CISSP 
  • 5+ years of experience with the following:
    • Large enterprise or DoD IP design running ISIS, BGP/MP-BGP (multi AS) and MPLS routing protocols
    • Extensive router certification testing, Cisco IOS & IOS-XR regression testing which includes all protocols and services required for DISN backbone routers. Router platforms to include Cisco ASR9K ASR9010/ASR9006) routers.
    • Routing protocols: BGP, MP-BGP, MPLS/RSVP, OSPF, IS-IS, RIP, Multicast, IPv6, QoS
    • Multiprotocol Label Switching (MPLS) – Resource Reservation Protocol (RSVP), Label Distribution Protocol (LDP), MPLS Layer-2/Layer-3 Virtual Private Network (VPN), CsC (Carrier servicing Carrier).
    • TCP/IP, LAN/WAN, SONET, ICMP and SNMP management protocols
    • Network test equipment/Traffic Generator such as IXIA, Spirent Test Center, Smartbits and Agilent N2X
    • Filter Based Forwarding (FBF)
    • Multi-Hop Bidirectional Forwarding Detection (MBFD)
    • Ethernet Operation
    • Firewalls including Access Control List (ACL)
    • Operation Administration and Maintenance (OAM) Protocol and Network Management with 802.1Q and VRRP/HSRP Certificate Authority Server, ACE/SecureID Server, TACACS+, RADIUS, MS Exchange, Sendmail, Apache web server, PKI, WINS, DHCP, DNS,
    • FTP/SFTP/TFTP, SSH, NTP, and Netflow/Cflowd servers.
  • Excellent interpersonal communication skills with the ability to interact with management and staff at all levels
  • Excellent verbal and written communication skills

Special Requirements/Security Clearance

  • Active DoD Secret clearance


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed