Job Description
Network security engineer is part of the Network team responsible for the design, build and run global footprint of network security infrastructure to align with the existing operational support 24x7 high available and compliant environments for on-premises and cloud-based.
Works closely with Infrastructure, DevOps, IPSecurity, and other functional area specialists to ensure adequate network security solutions are engineered and deployed across environments, together with other platforms to mitigate network security risks sufficiently to meet business objectives and regulatory requirements. Participate in sessions with internal and external audit teams to delivery status on network security on PCI and PCI DSS compliance activities.
Diverse network experience with leveraging on-prem, virtualization, and cloud Amazon Web Services (AWS) to support business and information technology needs. Proven results necessary to be successful in a rapidly changing technology while delivering cost-effective, creative, scalable, resilient, and secure network technology solutions.
10+years network experience with proven success building and delivery world-class compliant network solutions
Ability to handle multiple tasks in a fast-paced environment, and prioritize highly varied work to maintain required productivity levels
Maintain, establish, and present performance and capacity metrics in association to the availability, performance of the environments and workload of the team
Shared responsibilities of the network security product change lifecycle from definition through development, delivery, and results assessment
Drive the efficient and effective delivery of our committed strategic plans with high availability, zero trust network access (ZTNA) and edge authentication
Experience with PCI and PCI DSS compliance activities leading sessions with internal compliance teams ensuring zero deviations and vulnerabilities.
Maintain, deploy, upgrade, and troubleshoot network security infrastructure solutions including firewalls, load balancers, client VPN, wireless, IP and access layer controls
Lead extensive troubleshooting effort including switch, router, and firewall analysis
Collaborate with Security, Infrastructure, Compliance and Operations teams to develop consistent technical solutions, implementation activities and support processes
Participate in the design, lifecycle management, and total cost of ownership of network security appliances, applications, and services
Work closely with Compliance team to review vulnerability assessments and penetration testing
Prioritize and manage execution of day-to-day operational network security changes to firewall, IDS/IPS, ACLs and other network security device configurations
Participate in definition of network security strategies and policies
Develop and refine network baseline security standards and management procedures
Creation and maintenance of network security diagrams
Best practice network security methodology
Business Continuity and Capacity Management
Communicating and collaboration to executive management and across support teams
Working knowledge in a mature ITSM environment
Support the incident and problem responses with network security solutions
Self-motivated with a hardworking and proactive approach
Assist with on-call support as needed
Technical Skills:
· Cisco datacenter switches, ASR routers, multicast routing, access points (AP), ISE/NAC
· F5 Big-IP GTM, load balancing
· SD-WAN/SDN, WAN optimization
· Next Gen Firewalls and Zero Trust Network Access (ZTNA)/Network Access Control (NAC)
· Proxy/IDS experience/port security/VPN, DNS, DHCP, IPAM
Technology Stack:
· Forcepoint, PulseSecure, Firemon, PaloAlto Panaroma, Netskope
· Viptela SD-WAN
· F5
· Cisco ISE/NAC
Education:
· Bachelor’s Degree in technology Focused Field
· Licenses/certifications preferred: CCNA, CISSP, CISM, CCSP