Network Engineer
please contact clund@alliedconsultants.com for more info
Location:
Huntsville, Texas
Overview:
Allied Consultants, Inc. is an Austin-based firm which has for 20 years been a premier provider of technical and business professionals to clients in Texas. We are currently seeking an experienced Network Engineer to be a key resource on a technical services team.
Responsibilities:
Network Engineer
Our state client is a user of large mainframe and web based applications which support its primary mission. It also has several complex financial, payroll and personnel systems for back office operations. It has over 100 field offices located across the State of Texas and operates a complex wide and local area network in support of the communications to these sites. There is a large amount of diverse hardware and software technology deployed at these sites. Our client is seeking a network engineer to support them based out of their headquarters in Huntsville Texas.
Summary
The Network Engineer will provide high level technical support for local and wide area networks. Establish network-monitoring procedures and tools for diagnosis. Follow asset management and inventory control guidelines established by the Department. Monitor network performance including the planning and execution of projects to enhance network capacity, speed, and bandwidth to support required WAN features. Perform analysis of available options to enhance network performance and reliability and recommends network related resources. Install, test, maintain and troubleshoot network devices to include, but not be limited to, routers, switches, and hubs. Plan, design, and implement networked systems, including configurations, supporting/troubleshooting network and security issues. Provide recommendations for LAN/WAN architecture to include technical assistance to the Department staff, departments, and vendor staff.
Qualifications:
Tasks for Network Engineer
Network Design, Installation, Configuration and Troubleshooting Services
Network Design
• Work with cabling vendors on design requirements for new offices and
office moves including fiber and catS/cat6 cabling.
• Design IP addressing space for new router installations.
o Plan MAN (Metro Area Network) connections and work with vendors to facilitate installation of fiber and cat5 as needed.
• Assign static IP addressing to servers and workstations not addressed with DHCP (Dynamic Host Configuration Protocol) and track address changes.
• OSPF Design; Configuration, Testing and Performance Monitoring
o Design IPX Addressing for wide area networking and integration with existing Novell servers and systems.
o Design data circuit requirements (Frame Relay, ATM. Leased Line) in cooperation with service provider.
o Plan LAN installations including switch and router placement for proper interconnectivity and security requirements.
• Product evaluation and testing
o Project management, including multi-vendor/ departmental coordination, for large network projects
Router Configuration and Troubleshooting
• TCPIP Troubleshooting
• Configure IP networking for remote sites and core networks.
• Configure IPX networking for Novell servers and clients.
• Configure GRE tunnels across IP backbone for IPX networking.
• Configure SAP filters to restrict IPX/SPX traffic.
• IBM SNA Network Configuration and Troubleshooting.
• Configure DLSW (Data Link Switching) and transparent bridging for 1174 controllers, SNA gateways and IBM Image stations to connect to the IBM mainframe.
• Legacy Equipment Support and Migration including IBM 3174 Cluster Controllers.
• Configure Authentication Proxy to control access to wide area network.
• Configure AAA (Authentication, Authorization and Accounting).
o Configure TACACS authentication for user login from remote networks
o Install ACL (access control lists) including "Denyall" access-lists and update as needs change.
o Configure Policy Routing and QOS (Quality of Service).
? Configure serial ports for IBM controllers with reverse bit-map configuration on Mac-Address to allow DLSW connections.
Ethernet Switch Configuration and Troubleshooting
• Configure VLAN and VTP (Vlan Trunking Protocol) for virtual networking across multiple switches.
• Verify port configuration and test for errors.
• Configure modular ports with Gbic's as needed for LAN expansion over fiber.
• Configure LRE (Long Range Ethernet) at units without LAN cabling in place.
• Test LRE 585 and 575 adapters for connectivity and cable problems.
• Configure and install Zhone DSLAM equipment and install with remote access devices using ADSL technology on in-house cabling.
Dialup networking
• Configure and maintain Cisco AS5300 dialup access device.
• Troubleshoot and test connectivity.
• Configure authentication using Cisco ACS system.
• Configure and troubleshoot Cisco 2600 router with dialup modules.
Troubleshooting Network
• Assist Network Engineers with all escalated issues to hasten resolution of the underlying problem.
• Assist TDCJ ITD staff with server issues that could be attributed to the data network infrastructure, including HOD (Host On Demand) and Lotus Notes email server
• Troubleshoot IP routing issues using router debug and logs as well as the use of LAN sniffers.
• Troubleshoot IPX connectivity using router logging, debug and LAN sniffers.
• Work with systems support to troubleshoot connectivity and addressing problems with DLSW / SNA.
• Monitor Bluecoat SG800 web proxy system and block non work related web sites as needed.
• Work with service provider to isolate problems on ATM, DS3 and TI circuits.
• Work with remote sites to isolate problems on VPN tunnels using firewall logging and crypto security association debugging.
• Troubleshoot wiring problems for TI, Token Ring and Ethernet connections.
• Assist TDCJ employees and Contractors with Webserver re-direction design, implementation, configuration and troubleshooting.
• Assist TDCJ employees and contractors with Solaris configuration issues.
Network Security Services
Nortel Contivity VPN switch
• Maintain user database and synchronize primary and backup VPN switches with FTP file transfers to backup switch and automatic backups to FTP server.
• Update system software when updates are announced.
• Configure user accounts in IPsec and PPTP VPN protocol.
• Reset passwords as accounts expire.
• Configure NAT Traversal on switch for remote sites behind firewalls.
• Troubleshoot VPN connections using logs and Network General Sniffer tools.
• Check security logs for intrusions and lockouts.
• Troubleshoot hardware problems and determine if replacement components are needed.
Cisco Adaptive Security Appliance and PIX Firewall
• Configure firewalls with inside outside and multiple DMZ interfaces to allow only authorized Internet traffic to reach public servers using assigned security levels.
• Configure access-lists and group policies to restrict internet and outside agencies traffic to connect to pre-assigned network addresses.
• Configure VPN IPsec tunnels to connect to outside agencies LAN.
• Use object-groups to manage access list size.
• Configure NAT (Network Address Translation) to keep inside address space private.
• Configure PAT (Port Address Translation) for overflow addressing of outside Internet address space.
• Troubleshoot crypto security associations on VPN tunnels
• Configure static address translations from inside, outside and DMZ networks.
• Configure class-maps for the configuration or QOS (Quality Of Service).
IDS/IPS Sensors
• Monitor Cisco VMS and all IDS Sensors within the Agency for possible intrusion attempts and worm/virus activity
• Update sensor threat signatures using VMS (VPN/Security Management Solution).
• Create custom threat signatures on IDS/IPS system
• Follow-up on blocked networks and devices and resolve issues causing signature hits.
• Clear blocked addresses when created by false threats.
• Check Syslog for archived threat signatures.
• Isolate LAN segments that show signs of virus and worm infection.
Network Management Services
CiscoWorks Network Management
• Network Management Platform Installation
• Utilize Ciscoworks system to update batch configurations using Resource Management Essentials and Netconfig.
• Update software images on routers and switches using Ciscoworks Software Management tools.
• Use Ciscoworks software to monitor outages and errors on network equipment using Device Fault Management and SNMP on network equipment.
• Monitor all internet connections within the Agency to insure connectivity from within the agency to business-related internet resources and to allow external users to access TDCJ resources including the TDCJ web server and e-mail server.
Network Registrar Server:
• Maintain DHCP/DNS server and add new IP Scopes for failover and primary server.
• Configure custom options on DHCP policies for Active Directory and Novell SLP servers.
• Add new DNS entries for local servers and domains including sub-domains reverse lookup configurations.
Other Special Requirements
The client has 100 offices located across the State of Texas. There will be day and/or night travel will be required.
For any services to be performed away from the primary work location(s); any and all travel expenses shall be at the Worker’s and/or Vendor’s expense.
Allied Consultants offers its family of consultants excellent rates, a local support staff, and an attractive benefits package which includes medical insurance (employee premiums paid 100%), life insurance, a matching 401(k) plan and a cafeteria plan.
Candidates selected for interview may be required to undergo criminal background checks and a drugs screen in accordance with Federal and State Law. Offers of Employment are contingent on a successful background check
Allied Consultants is an equal opportunities employer.
