Cybersecurity Engineer at PUNCH Cyber Analytics Group

About PUNCH:

We’re problem solvers first & foremost. PUNCH’s origin story involves frustration with available INFOSEC tools and techniques—we came up thru the industry using these inefficient tools and decided there had to be a better way. We bring this laser focus on efficiency to every customer engagement.

We have trust as a hallmark in everything we do. PUNCH provides its team members with the maximum amount of ownership over their careers, the direction of the company, and the flexibility & freedom to accomplish their job without interference. Trust requires accountability; we live that, company-wide.

We back each other up. PUNCH is a supportive place to work. We’ve worked hard to create an environment that makes people better, encourages teamwork, and rewards a “pitch in” mentality.

We give back. To those in need. To the community. To the industry.

Does this sound like you?

Role Overview:

We are seeking an experienced Cybersecurity Engineer to provide network security, firewall analysis, and security engineering support for the Department of the Interior (DOI) and its approximately 80,000 end users. This is a fully remote role supporting a long-term federal engagement with a base year and three option years.

The Cybersecurity Engineer will work directly with contractor engineering peers, system owners, infrastructure teams, and security stakeholders to analyze firewall configurations, optimize security controls, support FireMon Security Intelligence Platform operations, and provide recommendations aligned with NIST 800-53 and industry best practices.

This role requires strong technical knowledge of perimeter security technologies, firewall rule analysis, security control implementation, and the ability to translate technical findings into clear documentation, reports, SOPs, training materials, and architecture diagrams. You must be able to obtain a DOI Position of Public Trust clearance.

Responsibilities:

Conduct analysis of information maintained within the FireMon Security Intelligence Platform

Review and analyze firewall configurations for enhancements, optimal configurations, and network connectivity improvements

Consult with infrastructure management teams to customize and configure FireMon monitoring capabilities to meet Department and DHS requirements

Configure and operate FireMon Security Intelligence in support of DOI security requirements

Provide quarterly status reports detailing firewall rules reviewed, errors identified, devices configured, and deployments completed

Apply configurations on routers, firewalls, and other security controls in accordance with NIST 800-53

Provide recommendations regarding DOI perimeter UTM devices using NIST 800-53, federal security requirements, and industry best practices

Support security engineering activities involving technologies such as Cisco, Juniper, Riverbed, Fortinet/Fortigate, and related network security platforms

Create and maintain technical documentation, including SOPs, reports, training materials, slide decks, and architecture diagrams

Work closely with system owners, infrastructure teams, and security stakeholders to support secure network operations

Support after-hours maintenance activities as needed

Required Qualifications:

Bachelor’s degree and 7+ years of relevant experience, or 9+ years of total relevant experience in lieu of degree

Experience supporting cybersecurity engineering, network security, firewall management, or perimeter security operations

Hands-on experience reviewing and analyzing firewall rules, configurations, and network connectivity requirements

Experience working with security controls, routers, firewalls, and related infrastructure technologies

Understanding of NIST 800-53 security controls and their application within federal environments

Ability to perform technical writing and create SOPs, reports, training materials, slide decks, and architecture diagrams

Ability to work effectively in both individual and team environments

Flexibility to support after-hours maintenance activities when required

Must be able to obtain a DOI Position of Public Trust clearance

Preferred:

Experience with FireMon Security Intelligence Platform

Fortinet NSE 4 certification and/or Fortinet Certified Professional certification

Experience supporting Incident Response teams

Experience with Cisco, Juniper, Riverbed, Fortinet/Fortigate, and perimeter UTM devices

Experience supporting large federal enterprise environments

Familiarity with DHS security requirements, federal cybersecurity standards, and enterprise firewall governance workflows