Network Unified Communication and Security Advisor

Peraton is currently seeking an experienced Network Security and Voice Over IP (VoIP) Engineer to join our team in Wiesbaden, Germany.

Location: Wiesbaden, Germany; On-site. 

Description: 

In this role, as the Network Security VoIP Engineer, you will be joining and working with the U.S. Army Europe Regional Cyber Center (RCC-E). 

Key Responsibilities:  

Cisco Unified Communication

• Core Mission: Maintain, optimize, and secure the Unified Communications (UC) and Identity access footprint for the RCC-E.
• Service Sustainment: Perform daily health checks, proactive monitoring, and Tier-3 troubleshooting for the Cisco Collaboration Suite (CUCM, Unity, UCCX, CER, Expressways, CUBEs). Ensure 99.9% availability for mission-critical voice services across the AORs.
• Endpoint & Gateway Management: Manage and maintain Cisco IOS Voice Gateways (SIP/SRTP). Execute configuration updates, firmware patches, and dial-plan optimizations to ensure secure and reliable call routing.
• Identity & Access Integration: Serve as the functional lead for UC-related identity tasks within Cisco ISE. Maintain 802.1X port security for collaboration endpoints and troubleshoot authentication failures to ensure secure network access.
• Collaborative Video Ops: Provide operational support for multi-platform video environments including MS Teams Rooms (MTR) and Cisco Webex. Manage SBC connectivity for Direct Routing and ensure seamless interoperability between VTC hardware and software codecs.
• Security Compliance & STIGs: Implement and maintain DISA STIG compliance across all UC and Video assets. Collaborate with the Security team to remediate vulnerabilities and ensure the UC posture meets Army Top-Level Architecture (ATLA) standards.
• Cross-Functional Coordination: Act as the technical liaison between the UC team and the Network Automation Operations pillars. Provide technical input for Change Management boards and assist in the documentation of standard operating procedures (SOPs).
• Lifecycle Support: Manage the "Day-2" operations of the UC infrastructure, including user provisioning, certificate renewals, and capacity monitoring of SIP trunks and VTC bridges.

Cisco Firepower and Cisco ISE

• Firewall Operational Support & Troubleshooting: Troubleshoot VPN, Policies, connectivity and issues related to Voice over IP ports/protocols.
• Cisco ISE: Design, deploy, configure, and maintain the Cisco Identity Services Engine (ISE) solution across a continent-wide Army Top-Level Architecture (ATLA) network. Implement and enforce 802.1X authentication for wired and wireless users; develop posture-assessment policies and TrustSec segmentation strategies.
• AAA Services Administration: Configure and administer TACACS+ and RADIUS services for device authentication and authorization.
• Systems Integration: Integrate ISE with Active Directory, PKI/certificate authorities, RAVPN, and other technologies
• Operational Support & Troubleshooting: Provide Tier-3 technical support for identity and access incidents; troubleshoot complex authentication/authorization failures.

Documentation & Collaboration

• Documentation & Change Management: Maintain up-to-date architecture diagrams, runbooks, and standard operating procedures; participate in formal change-control processes.

 

Minimum Requirements: 

TESA Requirements:

• Bachelor’s in Computer Science, Cybersecurity, or related field and 8 years of relevant experience, or an Associate’s and 10+ years’ relevant experience, or HS and 12+ years’ relevant experience.

Education & Experience (8140 DCWF Code 441):

• Certifications:
  • DCWF: 441 - B.S. or SecurityX /CASP+, CCNP Security, CCSP, GCIA, GCED, GCIH, AND ONE of the following:  Network Firewall, IDS, F5-CA, F5-CTS, F5-CSE, BCCPA, CCNP Security, CCIE Security, Cisco CyberOps Professional. 
• Hands-On Technical Expertise:
  • Minimum of 10 years designing and administering Cisco ASA or Firepower Firewall, Cisco ISE in large-scale environments.
  • Experience with Cisco Firepower management platforms (FMC and FDM)
  • Understanding of network security principles, including ACLs, NAT, and IPS/IDS.
  • Deep understanding of 802.1X, RADIUS, TACACS+, TrustSec, Software-Defined Access. Familiarity with command-line interfaces (like TMSH), networking concepts and protocols, and security principles.
  • Strong command of Cisco routing/switching, firewalls (ASA/FW-A), remote-access VPNs, IPS/IDS, F5 Big-IP, Blue Coat proxy.
  • In-depth knowledge of F5 Big-IP platforms and technologies like LTM, GTM and TMOS.
  • Familiarity with PKI, certificate lifecycle management, and AAA integrations.
• Soft Skills & Clearance:
  • Demonstrated analytical, troubleshooting, and communication experience and capabilities.
  • Demonstrated ability to thrive in fast-paced, mission-critical settings.
  • U.S. citizenship required. 
  • Active DoD Secret security clearance.

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

$80,000 - $128,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.