Network Security Engineer Jobs (NOW HIRING)

Job Title: Network Security Engineer

Location details: Albany, NY – Onsite 5 days a week (Address: 50 Wolf Road Albany, NY 12232)

Duration: 5 year long contract

Position Summary

NYSDOT is seeking a Network Security Engineer to provide network and security engineering for its business network, intelligent transportation systems (ITS), and operational technology (OT) environments. This position reports to NYSDOT's Chief Information Security Officer and the NYSDOT ETO Director and supports network and cybersecurity operations across transportation management, regional, and main office environments.
The Network Engineer will be responsible for developing recommendations related to maintaining, monitoring, troubleshooting, and optimizing the network infrastructure and cybersecurity tools that supports the safe and efficient operation of NYSDOT transportation systems. The role focuses on network devices, security tools, and communication links within and between Transportation Management Centers (TMCs), regional offices, and the Main Office.
This position requires a strong understanding of core networking and cybersecurity principles, best practices, and a demonstrated interest in intelligent transportation technologies.
Key Responsibilities

• Configure and troubleshoot VLANs, network segments, and routing protocols.
• Monitor network performance and availability using network management tools
• Respond to and resolve network incidents, including connectivity issues, performance degradation, and security alerts.
• Perform routine maintenance tasks such as firmware updates, configuration backups, and equipment replacement support.
• Provide technical support to internal teams and external partners regarding network connectivity and performance.
• Assist in the configuration and management of firewalls, intrusion detection and prevention systems (IDS/IPS), and other security appliances.
• Configure and monitor SIEM platforms for security anomalies and escalate incidents according to established procedures.
• Document network configurations, standard procedures, and operational guidance.
• Support vulnerability scanning and remediation efforts.
• Assist maturing the cybersecurity incident response plans.
• Prepare detailed reports of security incidents and network anomalies for appropriate authorities, including the FBI and the New York State Office of Information Technology Services.
• Work closely with the NYSDOT CISO and other cybersecurity team members to support security and compliance.
• Collaborate with other NYSDOT departments to support the integration of new intelligent transportation system devices and applications.

Minimum Qualifications

• Bachelor's degree in computer science, information technology, or a related field, or equivalent experience.
• Strong understanding of TCP/IP, routing, switching, and network security principles.
• Proficiency configuring and troubleshooting LANs, VLANs, trunks, spanning tree, IP subnetting, routing protocols, and wireless networking
• Proven experience in network administration and troubleshooting.
• Ability to perform and analyze packet traces.
• Proficiency with firewalls to configure and troubleshoot security rules, NAT, threat protection, and logging
• Experience with IDS/IPS and SIEM tools, security event triage, and escalation.
• Industry certifications such as CCNP, PCNSA, or similar are preferred.
• Familiarity with network monitoring tools.
• Familiarity with vulnerability scanning tools.
• Excellent problem-solving and communication skills.
• Display a strong grasp of key cybersecurity and IT concepts such as:
• Cloud Concepts: SaaS, IaaS, PaaS, hybrid, on premises
• Cybersecurity Principles: defense in depth, least privilege, CIA triad
• Cybersecurity Technology: NAC systems, next-generation firewalls, VPNs, micro segmentation, IAM, vulnerability management, encryption
• IT principles: High availability, clustering, failover, single point of failure, dynamic routing, classification, tagging
• Server and Compute: Client Server, virtualization, clustering, failover, backups, imaging
• A strong desire to learn and grow within the field of intelligent transportation systems.

Preferred Qualifications

• Data classification principles and enforcement
• Understanding of cybersecurity frameworks such as NIST CSF, CIS Critical Controls
• Experience supporting operational technology or critical infrastructure environments.
• Experience working with distributed networks that support transportation, public sector, industrial, or field-based operations.
• Familiarity with cybersecurity incident response and escalation procedures.
• Experience balancing network security requirements with system availability and operational continuity.
• Hands-on familiarity with modern network security monitoring, event analysis, and infrastructure documentation practices.

Core Knowledge Areas

• TCP/IP networking, subnetting, routing, and switching.
• VLAN design, segmentation, and troubleshooting.
• Network security fundamentals, including firewalls, IDS/IPS, access control, and secure configuration.
• SIEM monitoring, security event triage, and escalation.
• Network performance monitoring and availability management.
• Threat intelligence integration and operational awareness.
• Incident response support for network disruptions, malicious activity, and denial-of-service conditions.
• Documentation of network topology, procedures, and configurations.
• Collaboration with cybersecurity, operations, and engineering teams in a mission-critical environment.

Work Environment and Expectations

• Ability to work independently and to carry out assignments to completion within parameters of instruction given, prescribed routines and standard accepted practices
• Experience working within an enterprise change control process.
• Must be able to work under pressure and meet deadlines, while maintaining a professional attitude and providing exemplary customer service
• Strong analytical/problem solving skills
• Articulate verbal and written communication skills
• Computer Proficiency in MS Office Suite
• Ability to create legible Visio diagrams of IT and security systems
• The majority of these services are expected to be provided on site, although some remote support may be required.
• The position supports operationally important transportation environments and requires strong coordination with security, operations, and engineering stakeholders.
• The successful candidate must be able to communicate clearly, solve problems methodically, and operate effectively in a high-availability environment where uptime, safety, and security are all important considerations.