Job Description

Job Description

Job Description

Network Security Engineer

About Us

EFJohnson Technologies is a subsidiary of JVCKENWOOD Corporation, a leading provider of P25 communications solutions for first responders in public safety and public service, the federal government, and industrial organizations. Our products are marketed under the EFJohnson and KENWOOD brands.

EFJohnson provides wireless communications products and systems for public safety, commercial, and government customers. We design, manufacture, and market conventional and trunked radio systems, land mobile radio repeaters, and mobile and portable radios, including Project 25 digital radio products.

______________________________________________________________________________

As a Network Security Engineer you’ll design, implement, and enforce comprehensive network and security architectures for mission-critical radio, data, and monitoring systems. This position will develop and maintain security standards and technical controls directly aligned with NIST SP 800-171 and CMMC Level 2 requirements to ensure protection of Controlled Unclassified Information (CUI). As a Network Security Engineer, you’ll collaborate with network and system architects to embed security throughout the full system lifecycle, from design and segmentation to identity management, remote access, and incident response. This role is hybrid, based out of Irving, TX.

Key Responsibilities

Security Architecture & Compliance

• Define, document, and maintain comprehensive network security standards mapped to NIST SP 800-171 and CMMC Level 2 controls.
• Collaborate with architects to incorporate security in every design, emphasizing segmentation and isolation of CUI assets.
• Design, test, and maintain network-level controls supporting Identification & Authentication (IA) and System & Communications Protection (SC) families.
• Contribute technical content to the System Security Plan (SSP), Plan of Action and Milestones (POA&M), and compliance evidence packages.
• Enforce configuration management and formal change-control processes to maintain baseline compliance.
• Perform security impact assessments on proposed design changes, ensuring traceability to CMMC requirements.

Identity & Access Management (IAM)

• Design and deploy centralized LDAP for directory services and user authentication.
• Design, implement, and administer TACACS+ for AAA control across routers, switches, and radio controllers.
• Configure and manage Multi-Factor Authentication (MFA) for privileged and remote accounts (CMMC IA.L2-3.5.3).
• Ensure unique identification and authentication of all users and devices (CMMC IA.L2-3.5.1).
• Integrate IAM systems with centralized logging and SIEM tools to support audit and traceability requirements.

Network Security Services Implementation

• Design, configure, and deploy Remote Access VPNs and IPSec site-to-site tunnels for secure connectivity, ensuring encryption of CUI in transit.
• Configure, deploy, and manage Next-Generation Firewalls (NGFWs) to enforce zone-based policies and control traffic between segmented network zones.
• Implement and tune Intrusion Prevention Systems (IPS) to detect and block malicious traffic in real time.
• Run regular vulnerability assessments and penetration tests; prioritize remediation actions that impact CMMC compliance.
• Integrate firewall, VPN, and IPS logs with centralized SIEM systems; conduct Root Cause Analysis (RCA) for network or IAM-related security incidents.
• Act as Tier 2/Tier 3 escalation for the Security Operations Center (SOC).

CUI Data Handling & Protection

• Ensure CUI is encrypted in transit and at rest using approved algorithms and key management standards.
• Implement network segmentation, VLAN isolation, and access-controlled zones to separate CUI from non-CUI traffic.
• Configure syslog, NTP, SNMPv3, and TLS securely for audit traceability and time-correlated event tracking.
• Enforce least-privilege access for CUI repositories and verify logging for all privileged actions.
• Conduct quarterly configuration audits and evidence collection in support of the corporate CMMC compliance program.
• Operational Security & Monitoring
• Maintain configuration baselines and perform periodic compliance checks on all network-security devices.
• Automate log collection and configuration integrity validation using secure scripting methods.
• Maintain network documentation, change-management records, and segmentation diagrams.
• Provide support for field deployments, system upgrades, and on-site network hardening activities.
• Assist with tabletop exercises, incident response drills, and after-action reviews.

Collaboration & Continuous Improvement

• Partner with network and system engineering teams to embed secure-by-design principles into radio network infrastructure and analyzer platforms.
• Mentor junior engineers through scheduled security and compliance training sessions.
• Coordinate with software and system teams to ensure servers, databases, and applications meet hardened configuration baselines.
• Contribute to EF Johnson’s internal Security Program Initiative, ensuring continuous improvement and measurable compliance progress.
• Recommend new tools, automation frameworks, and monitoring solutions to improve efficiency and visibility.
• Complete additional duties as required.
• Agree to abide by the established Approval Matrix.

Qualifications

• Bachelor’s Degree in Cybersecurity, Computer Science, Engineering Technology, or a related discipline; Master’s preferred.
• Cisco CCNP Security or equivalent required.
• CISSP, CompTIA CySA+, or CISM preferred.
• Experience implementing security controls aligned to NIST SP 800-171 and CMMC Level 2.
• Hands-on experience with firewalls, VPNs, IPS, AAA, and logging systems.
• Familiarity with Linux security hardening, log analysis, and automation scripting (Python, Bash, Ansible).
• Experience conducting packet analysis and forensics (Wireshark, Zeek, Suricata).
• Knowledge of public-safety radio networks, LMR systems, and secure field deployments preferred.

What We’re Looking For

• Advanced technical capacity in network and security engineering.
• Strong written and verbal communication skills.
• Demonstrated analytical, diagnostic, and problem-solving ability.
• Experience with Windows and Linux administration.
• Rapid learning aptitude for new tools and methods.
• Proficiency with scripting, configuration management, and SIEM integration.
• In-depth understanding of TCP/IP, UDP, SNMPv3, SSL/TLS, IPSec, and 802.1X. P25, DFSI+, and SIP preferred.

Travel Requirements

• Up to 30%

What We Offer

• Competitive salary
• Health, dental, and vision benefits
• Additional supplemental benefits
• 401K + employer match
• Tuition reimbursement
• 12 paid holidays + additional PTO
• Supportive- team-driven environment
• Opportunities to work on mission-critical projects that make a real impact

Equal Opportunity Statement

EF Johnson Technologies is an Equal Opportunity/AFFIRMATIVE ACTION Employer who values diversity and inclusion in the workplace. It is the policy of this company to provide equal opportunity with regard to all terms and conditions of employment. The company complies with federal and state laws prohibiting discrimination on the basis of sex, race, color, religion, creed, national origin, disability, veteran status, age, sexual orientation, gender identity, genetic information, pregnancy, or any other protected characteristic.

Job Tags

Similar Jobs