Job Description

job summary:
Our client is seeking a contract resource to

support modernization of site-to-site IPsec VPN tunnels and firewall access

control policy hardening within the client's environment. This role

will focus on upgrading existing VPN tunnels from IKEv1 to IKEv2 and ensuring cryptographic configurations meet organizational standards. The contractor will also review and refine firewall rules on Cisco Firepower

systems to reduce overly permissive access and align configurations with approved requirements. This work supports improved security and controlled network connectivity across the client and its external

partners.

Responsibilities

- Review approximately 80 existing site-to-site IPsec VPN tunnels

- Upgrade approximately 50 VPN tunnels from IKEv1 to IKEv2

- Ensure VPN configurations align with organizational cryptographic standards

- Update pre-shared keys (PSKs) to meet a minimum 20-character requirement

- Validate VPN tunnel functionality after each change

- Review approximately 10 firewall access control rules on Cisco Firepower

- Modify firewall rules to remove overly permissive or broad subnet access

- Restrict firewall rules to required source/destination networks, ports, and protocols

- Apply principle of least privilege in firewall rule updates

- Perform validation testing after firewall changes to confirm no service disruption

- Coordinate implementation activities with UC Davis campus teams and external partners

- Support execution of approved maintenance window changes

- Provide technical assistance during implementation activities

- Document VPN and firewall changes and validation results

- Coordinate cryptographic parameter and shared secret updates with external partners

- Support scheduling and execution of maintenance window activities

Required Technical Experience

- Experience managing site-to-site IPsec VPNs

- Hands-on experience upgrading VPNs from IKEv1 to IKEv2

- Experience configuring and validating VPN tunnel connectivity

- Knowledge of cryptographic standards and secure key management practices

- Experience managing firewall access control rules

- Experience with Cisco Firepower firewall platforms

- Ability to implement least privilege network access controls

- Experience performing post-change validation and troubleshooting network issues

- Experience coordinating technical changes with internal teams and external partners

- Experience working within structured maintenance window processes

Preferred Qualifications

- Experience in healthcare or higher education IT environments

- Familiarity with large-scale enterprise network environments

- Experience supporting change management processes in production environments

Desired Certifications

- Cisco CCNA Security or CCNP Security (or equivalent experience)

- CompTIA Security+ or equivalent security certification

- ITIL Foundation (preferred)

 
location: Rancho Cordova, California
job type: Contract
salary: $70 - 80 per hour
work hours: 8am to 5pm
education: No Degree Required

responsibilities:
Our client is seeking a contract resource to

support modernization of site-to-site IPsec VPN tunnels and firewall access

control policy hardening within the client's environment. This role

will focus on upgrading existing VPN tunnels from IKEv1 to IKEv2 and ensuring cryptographic configurations meet organizational standards. The contractor will also review and refine firewall rules on Cisco Firepower

systems to reduce overly permissive access and align configurations with approved requirements. This work supports improved security and controlled network connectivity across the client and its external

partners.

Responsibilities

- Review approximately 80 existing site-to-site IPsec VPN tunnels

- Upgrade approximately 50 VPN tunnels from IKEv1 to IKEv2

- Ensure VPN configurations align with organizational cryptographic standards

- Update pre-shared keys (PSKs) to meet a minimum 20-character requirement

- Validate VPN tunnel functionality after each change

- Review approximately 10 firewall access control rules on Cisco Firepower

- Modify firewall rules to remove overly permissive or broad subnet access

- Restrict firewall rules to required source/destination networks, ports, and protocols

- Apply principle of least privilege in firewall rule updates

- Perform validation testing after firewall changes to confirm no service disruption

- Coordinate implementation activities with UC Davis campus teams and external partners

- Support execution of approved maintenance window changes

- Provide technical assistance during implementation activities

- Document VPN and firewall changes and validation results

- Coordinate cryptographic parameter and shared secret updates with external partners

- Support scheduling and execution of maintenance window activities

Required Technical Experience

- Experience managing site-to-site IPsec VPNs

- Hands-on experience upgrading VPNs from IKEv1 to IKEv2

- Experience configuring and validating VPN tunnel connectivity

- Knowledge of cryptographic standards and secure key management practices

- Experience managing firewall access control rules

- Experience with Cisco Firepower firewall platforms

- Ability to implement least privilege network access controls

- Experience performing post-change validation and troubleshooting network issues

- Experience coordinating technical changes with internal teams and external partners

- Experience working within structured maintenance window processes

Preferred Qualifications

- Experience in healthcare or higher education IT environments

- Familiarity with large-scale enterprise network environments

- Experience supporting change management processes in production environments

Desired Certifications

- Cisco CCNA Security or CCNP Security (or equivalent experience)

- CompTIA Security+ or equivalent security certification

- ITIL Foundation (preferred)

qualifications:
Our client is seeking a contract resource to

support modernization of site-to-site IPsec VPN tunnels and firewall access

control policy hardening within the client's environment. This role

will focus on upgrading existing VPN tunnels from IKEv1 to IKEv2 and ensuring cryptographic configurations meet organizational standards. The contractor will also review and refine firewall rules on Cisco Firepower

systems to reduce overly permissive access and align configurations with approved requirements. This work supports improved security and controlled network connectivity across the client and its external

partners.

Responsibilities

- Review approximately 80 existing site-to-site IPsec VPN tunnels

- Upgrade approximately 50 VPN tunnels from IKEv1 to IKEv2

- Ensure VPN configurations align with organizational cryptographic standards

- Update pre-shared keys (PSKs) to meet a minimum 20-character requirement

- Validate VPN tunnel functionality after each change

- Review approximately 10 firewall access control rules on Cisco Firepower

- Modify firewall rules to remove overly permissive or broad subnet access

- Restrict firewall rules to required source/destination networks, ports, and protocols

- Apply principle of least privilege in firewall rule updates

- Perform validation testing after firewall changes to confirm no service disruption

- Coordinate implementation activities with UC Davis campus teams and external partners

- Support execution of approved maintenance window changes

- Provide technical assistance during implementation activities

- Document VPN and firewall changes and validation results

- Coordinate cryptographic parameter and shared secret updates with external partners

- Support scheduling and execution of maintenance window activities

Required Technical Experience

- Experience managing site-to-site IPsec VPNs

- Hands-on experience upgrading VPNs from IKEv1 to IKEv2

- Experience configuring and validating VPN tunnel connectivity

- Knowledge of cryptographic standards and secure key management practices

- Experience managing firewall access control rules

- Experience with Cisco Firepower firewall platforms

- Ability to implement least privilege network access controls

- Experience performing post-change validation and troubleshooting network issues

- Experience coordinating technical changes with internal teams and external partners

- Experience working within structured maintenance window processes

Preferred Qualifications

- Experience in healthcare or higher education IT environments

- Familiarity with large-scale enterprise network environments

- Experience supporting change management processes in production environments

Desired Certifications

- Cisco CCNA Security or CCNP Security (or equivalent experience)

- CompTIA Security+ or equivalent security certification

- ITIL Foundation (preferred)

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact [email protected].


Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).

This posting is open for thirty (30) days.

Qualified applicants in San Francisco with criminal histories will be considered for employment in accordance with the San Francisco Fair Chance Ordinance.


Qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.


We will consider for employment all qualified Applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance.

Job Tags

Hourly pay, Contract work, Temporary work, For contractors, Work experience placement, Local area

Similar Jobs