Skip to main content
Security Engineer image

Job description

The Senior Security Engineer is responsible for the overall management of large enterprise networks; this includes the planning, design, 24x7 management, and coordination of the corporate LAN/WAN. This position also manages network security and policies.

Duties

  • Working technical knowledge of network control protocols (CoS, QoS, , NTP, DHCP, EoIP), network management protocols (CDP, TFTP, SNMP, NetFlow) and security protocols (802.1x, Radius, SSH, SSL, AAA, IPSec)
  • Cisco ISE experience required
  • Strong knowledge IP communication and routing is required (OSPF, EIGRP, BGP)
  • Experience with inter-company routing is preferred
  • Understand WAN/LAN and transport technologies (Ethernet, MPLS, TDM circuits)
  • Understanding of overlay transport networks (GETVPN, DMVPN)
  • Strong expertise in documentation using Microsoft Visio, Word and Excel
  • Experience with security solutions that align with customer’s compliance requirements and industry standards like PCI, HIPAA, ISO 27001, NIST, CSF, ITIL, COBIT, Sarbanes Oxley, ISO, SANS 20, etc.
  • Operates and maintains customer network security devices and network security devices
  • Troubleshoots and remedies enterprise network security problems
  • Designs and implements enterprise networks security solutions for client environments
  • Performs network security equipment software and configuration upgrades
  • Training of junior security and/or network engineers on specific technologies
  • Be an escalation point for junior engineers and complex issues/designs/configurations
  • Analyzes, designs, tests, documents, implements / configures, and supports the Security and converged network technologies for clients and internal projects
  • Performs network architecture reviews and develop detailed security engineering design and deployment plans
  • Day to day monitoring of performance and tuning of the security device functionality
  • On-call for escalated issues

Workflow organization

  • Strong interpersonal, written, and oral communication skills
  • Excellent troubleshooting skills
  • Able to conduct research into networking issues and products as required
  • Ability to present ideas in user-friendly language
  • Highly self-motivated and directed, with keen attention to detail
  • Proven analytical and problem-solving abilities
  • Able to effectively prioritize tasks
  • Strong customer service orientation
  • Experience working in a team-oriented, collaborative environment

Requirements and skills

  • Experience with Firewall / IDS / IPS / Cisco PIX Firewall / Checkpoint Firewall / Juniper Firewall, Palo Alto Firewalls / Blue Coat Technology
  • Experience in local and wide area networking, communications, within a multi-platform network environment. Knowledge of: LAN / WAN; VLANs, VoIP, AAA / TACACS, EIGRP, and Cisco ACLs
  • Cisco ISE expertise in wired, wireless, VPN configurations using device profiling, posturing, PxGrid, ThreatGrid and SGT’s
  • Excellent understanding of PKI infrastructure, VPN’s and secure device hardening.
  • Routing and Switching expertise
  • AMP for Network and/or Endpoint
  • IronPort ESA and / or WSA Expertise
  • Palo Alto Traps
  • RSA and other multi-factor authentication mechanisms
  • Working knowledge of Cloud Security
  • Cisco-Meraki Security Products
  • LanCope Stealthwatch
  • SIEM Platforms (Splunk, ArcSight, Nitro LogRythm, etc)
  • Customized scripting in standard languages (Python, PowerShell, Java, etc) a plus
  • Extensive knowledge of IP networking and applications running over networks
  • Hands-on network & application troubleshooting experience
  • Experience with routing protocols (OSPF, BGP)
  • Excellent computer skills including Windows and Linux/Unix operating systems
  • Ability to manage multiple projects simultaneously, to include resources, priorities, and timelines

Education

  • Bachelor degree in related field preferred, or equivalent experience
  • Security Certifications - CISSP, CISM, GIAC, CEH, etc.