Sr. Network Security Engineer
Senior Network Security
This organization is in the middle of several security and network efforts. They have a very small IT team and currently need a senior security network engineer. This person will do a combination of network Security, network engineering/architecture, and security incident response/mitigation. This person will come in as 100% hands on expert with at least 10 years of experience. The company is working major planning and execution efforts around future spin off’ s and divestitures, so this person will be very hands on with the network security parameters and set up in order to help the company prepare for these changes. The organization does not have a SOC or SIEM but is working on Nist compliance along with the other efforts.
Day to Day tasks:
This person will be the senior network security engineer with architectural abilities and experience. The architecture experience is needed because it is a small team, all of the daily efforts will be hands on, there is not a staff to hand things off to. This person will need to be very comfortable working in the trenches, sleeves rolled up, and executing on a variety of tasks. This person will support common network areas such as; windows, vmware, firewalls, OSPF, and Cisco. There will be some general administration concepts as a network SME, but most efforts will focus on the security aspects, setup, support, monitoring, and responding. This person will work in a situation that goes between support, incident response, and helping the company plan and set up steps to help them with future separations of business. This person must know how to set up the appropriate firewalls, security parameters, and environments according to what the company is hoping to achieve. They will need to have experience dealing with various locations both domestic and international. Overall this companies daily data protection is secure, but their long term approach needs refinement, this is where the architecture insight is needed combined with the hands on ability.
The person with have extensive experience with all network security aspects, windows, VMware, firewalls, OSPF, routing, Cisco related technologies, API, active directory, firewalls, NCLS network, and how to strategize and deal with 10 global locations. The network and security concepts are all open for buildouts and assessment and will need someone that can help with a long-term vision.
Additionally as the network security engineer the person must be comfortable dealing with threats, incidents, firewalls, security software set up, extensive analysis, handling compromised accounts, etc.
- MPLS, SDWAN, WAN/LAN, Internet, wireless and remote security set up.
- Site to Site VPN – Configure and maintain remote sites connected via IPSec VPN
- Endpoint Security
- Aruba Networks
- Defines and implements global security policies, standards, guidelines and procedures to Network Routing and Switching: Cisco Catalyst, Cisco Nexus, OSPF
- Firewall - Palo Alto – Design and manage firewall deployments across global network in the datacenter, production sites, and remote offices. Manage firewall policies, AV, IPS, URL Filtering, respond to security alerts from these systems.
- Network Hardware management
- Linux Server Administration – Syslog archiving with syslog-ng or ELK, bandwidth graphing with Cacti, General Python scripting.
- Remote Access VPN – Pulse Secure, Palo Alto Globalprotect – Manage and maintain remote access VPN environment utilizing role based access restrictions for remote and traveling users.
- End User Security – Manage employee security awareness training efforts.
- IT Infrastructure Security – Manage team’ s response to major software/OS/Firmware vulnerabilities as they are announced and coordinate patching with team, audit patch deployment in environment. Drive projects to address end of life hardware and software in environment. Audit endpoint patching to ensure regular updates are happening across all devices, work with system administrators to resolve any issues.
- DNS, DHCP, IPAM support
- Internal PKI, VMware, datacenter network security Detailed understanding of Next Generation firewalls and associated security mechanisms such as VPN and SSL/TLS
- Network Security Engineer – senior level 10 years
- Network security buildout experience and architecture expertise
- Endpoint security
- Network and network security design (MS, Cisco, vmware, windows)
- Incident response, analyzing, escalation, and forensics support
- Experience in a very small team environment
- Experience setting up all network related security, firewalls, and above listed technologies
- Security monitoring and rule sets & handling compromised accounts
Job Type: Contract