Cybersecurity Engineer

About PUNCH:We’re problem solvers first & foremost. PUNCH’s origin story involves frustration with available INFOSEC tools and techniques—we came up thru the industry using these inefficient tools and decided there had to be a better way. We bring this laser focus on efficiency to every customer engagement.We have trust as a hallmark in everything we do. PUNCH provides its team members with the maximum amount of ownership over their careers, the direction of the company, and the flexibility & freedom to accomplish their job without interference. Trust requires accountability; we live that, company-wide.We back each other up. PUNCH is a supportive place to work. We’ve worked hard to create an environment that makes people better, encourages teamwork, and rewards a “pitch in” mentality.We give back. To those in need. To the community. To the industry.Does this sound like you?Role Overview:We are seeking an experienced Cybersecurity Engineer to provide network security, firewall analysis, and security engineering support for the Department of the Interior (DOI) and its approximately 80,000 end users. This is a fully remote role supporting a long-term federal engagement with a base year and three option years.The Cybersecurity Engineer will work directly with contractor engineering peers, system owners, infrastructure teams, and security stakeholders to analyze firewall configurations, optimize security controls, support FireMon Security Intelligence Platform operations, and provide recommendations aligned with NIST 800-53 and industry best practices.This role requires strong technical knowledge of perimeter security technologies, firewall rule analysis, security control implementation, and the ability to translate technical findings into clear documentation, reports, SOPs, training materials, and architecture diagrams. You must be able to obtain a DOI Position of Public Trust clearance.Responsibilities:Conduct analysis of information maintained within the FireMon Security Intelligence PlatformReview and analyze firewall configurations for enhancements, optimal configurations, and network connectivity improvementsConsult with infrastructure management teams to customize and configure FireMon monitoring capabilities to meet Department and DHS requirementsConfigure and operate FireMon Security Intelligence in support of DOI security requirementsProvide quarterly status reports detailing firewall rules reviewed, errors identified, devices configured, and deployments completedApply configurations on routers, firewalls, and other security controls in accordance with NIST 800-53Provide recommendations regarding DOI perimeter UTM devices using NIST 800-53, federal security requirements, and industry best practicesSupport security engineering activities involving technologies such as Cisco, Juniper, Riverbed, Fortinet/Fortigate, and related network security platformsCreate and maintain technical documentation, including SOPs, reports, training materials, slide decks, and architecture diagramsWork closely with system owners, infrastructure teams, and security stakeholders to support secure network operationsSupport after-hours maintenance activities as neededRequired Qualifications:Bachelor’s degree and 7+ years of relevant experience, or 9+ years of total relevant experience in lieu of degreeExperience supporting cybersecurity engineering, network security, firewall management, or perimeter security operationsHands-on experience reviewing and analyzing firewall rules, configurations, and network connectivity requirementsExperience working with security controls, routers, firewalls, and related infrastructure technologiesUnderstanding of NIST 800-53 security controls and their application within federal environmentsAbility to perform technical writing and create SOPs, reports, training materials, slide decks, and architecture diagramsAbility to work effectively in both individual and team environmentsFlexibility to support after-hours maintenance activities when requiredMust be able to obtain a DOI Position of Public Trust clearancePreferred:Experience with FireMon Security Intelligence PlatformFortinet NSE 4 certification and/or Fortinet Certified Professional certificationExperience supporting Incident Response teamsExperience with Cisco, Juniper, Riverbed, Fortinet/Fortigate, and perimeter UTM devicesExperience supporting large federal enterprise environmentsFamiliarity with DHS security requirements, federal cybersecurity standards, and enterprise firewall governance workflowsOriginally posted on Himalayas