Network Security Engineer
Our client is seeking a contract resource to support modernization of site-to-site IPsec VPN tunnels and firewall access control policy hardening within the client's environment. This role will focus on upgrading existing VPN tunnels from IKEv1 to IKEv2 and ensuring cryptographic configurations meet organizational standards. The contractor will also review and refine firewall rules on Cisco Firepower systems to reduce overly permissive access and align configurations with approved requirements. This work supports improved security and controlled network connectivity across the client and its external partners.

Responsibilities
- Review approximately 80 existing site-to-site IPsec VPN tunnels
- Upgrade approximately 50 VPN tunnels from IKEv1 to IKEv2
- Ensure VPN configurations align with organizational cryptographic standards
- Update pre-shared keys (PSKs) to meet a minimum 20-character requirement
- Validate VPN tunnel functionality after each change
- Review approximately 10 firewall access control rules on Cisco Firepower
- Modify firewall rules to remove overly permissive or broad subnet access
- Restrict firewall rules to required source/destination networks, ports, and protocols
- Apply principle of least privilege in firewall rule updates
- Perform validation testing after firewall changes to confirm no service disruption
- Coordinate implementation activities with UC Davis campus teams and external partners
- Support execution of approved maintenance window changes
- Provide technical assistance during implementation activities
- Document VPN and firewall changes and validation results
- Coordinate cryptographic parameter and shared secret updates with external partners
- Support scheduling and execution of maintenance window activities

Required Technical Experience
- Experience managing site-to-site IPsec VPNs
- Hands-on experience upgrading VPNs from IKEv1 to IKEv2
- Experience configuring and validating VPN tunnel connectivity
- Knowledge of cryptographic standards and secure key management practices
- Experience managing firewall access control rules
- Experience with Cisco Firepower firewall platforms
- Ability to implement least privilege network access controls
- Experience performing post-change validation and troubleshooting network issues
- Experience coordinating technical changes with internal teams and external partners
- Experience working within structured maintenance window processes

Preferred Qualifications
- Experience in healthcare or higher education IT environments
- Familiarity with large-scale enterprise network environments
- Experience supporting change management processes in production environments

Desired Certifications
- Cisco CCNA Security or CCNP Security (or equivalent experience)
- CompTIA Security+ or equivalent security certification
- ITIL Foundation (preferred)
location: Rancho Cordova, California
job type: Contract
salary: $70 - 80 per hour
work hours: 8am to 5pm
education: No Degree Required
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status. At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact [email protected].
Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility). This posting is open for thirty (30) days. Qualified applicants in San Francisco with criminal histories will be considered for employment in accordance with the San Francisco Fair Chance Ordinance.
Qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.
We will consider for employment all qualified Applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance.