Network Security Engineer - Onsite

Job Description

Role: Network Security Engineer

Duration: 6 + Months

Location: This is a hybrid role and can be in other locations. The campuses are located in key business hubs, including Appleton, WI, Bethlehem, PA, Holmdel, NJ, New York, NY, Pittsfield, MA, Spokane, WA, and Stamford, CT.

Top must-have skills

• Cisco ISE, VMware NSX, and Cisco FMC

Position Summary:

The Cybersecurity Engineering Team Engineers builds and owns a broad variety of cutting-edge security controls and technologies that generally fall within the domains of Network, Endpoint, Data, and Identity Security and are deployed within Private and Public Cloud environments. The Team is also responsible for the operational efficiency and resiliency of the said controls and technologies and designs corresponding operational processes to be performed by its partner, the Cyber Defense Center Operations team. The Team assesses and prioritizes the modern cyber-attack vectors and partners with other companies’ cybersecurity and infrastructure teams to engineer effective cybersecurity protective controls, ensure efficient and non-disrupting operations of the controls, and build new and enhance existing Cyber Defense Center’s Monitoring and Response Use Cases with a goal to provide the Organization with the maximum level of protection and create robust countermeasures to prevent future cybersecurity incidents. Team members aid in investigations of suspicious activity on the infrastructure, troubleshoot application performance issues, and train and mentor the members of the Cyber Defense Services team to ensure efficient 24x7 production support for the owned technology. The Team also builds automation workflows, following DevOps methodology, for proactive remediation of service deficiencies and enables self-service capabilities for the owned technology, to be consumed by the internal customers. Reporting to the Head of Cybersecurity Engineering Services, the position will be responsible for the continuous improvement of resiliency and efficiency and broadening the capabilities of the Network Security controls that protect the network, the network edge, and the related endpoint components of the company’s infrastructure. The individual will be challenged by working across a heterogeneous technology stack, delivering on key projects, and responding to escalated operational issues.

A self-starter who is fueled by collaboration, able to transform conceptual thinking into executable insights who thrives in partnering across the company with security, network, compute, and storage engineering and operations teams and providing outstanding service to our internal business and technology customers.

Required

• Intellectual curiosity and proven record of spotting anomalies and identifying creative solutions to resolve deficiencies and optimize performance
• Strong analytical skills, particularly in assessing the risk and impact of sub-optimal control implementations and creativity in addressing and mitigating new threat and attack vectors
• 5+ years of experience with and a solid knowledge of:
• Network and perimeter security technology, including next-generation firewalls, intrusion prevention systems, and Internet proxies, preferably, Cisco products
• Network micro-segmentation approaches to Public and Private Cloud environments, preferably, VMware NSX
• TCP/IP protocol stack, including routing, network address translation, TCP/UDP connectivity, application-level protocols (HTTP, SMTP, DNS, etc.), and a proven track record of troubleshooting and resolving network connectivity and performance issues
• Proven ability to understand, interpret, and correlate the data produced by various event log sources -- network security devices, operating systems, web servers, Public Cloud IaaS, endpoint security controls, etc.
• Working knowledge of at least one modern scripting language (Python, Perl, PowerShell, etc.)
• Familiarity with ITIL; experience with the incident, problem, change, and risk management
• Strong communication and documentation skills, with the ability to develop and deliver standard operating procedures, workflow and decision tree diagrams, and training materials to internal customers
• Excellent organizational skills, detail-oriented, strong on workflow process; ability to manage and follow up on multiple competing priorities effectively; familiarity with Agile work planning methodology
• Customer-focused demeanor; excellent interpersonal skills and a sense of humor
• Desire, curiosity, and passion to learn and grow in the field of Cybersecurity
• Bachelor's degree in Information Technology or any STEM discipline; a Master's degree is beneficial Nice to have
• Knowledge of Cisco ISE and understanding of Microsoft Active Directory
• Recognized Security Industry and Public Cloud IaaS certifications (AWS, Azure, GCP)
• Understanding of CI/CD pipeline and the integrations with security controls
• Familiarity with security industry standards and best practices (NIST 800-53, ISO27001, NIST CSF, HITRUST, NYDFS-Cybersecurity, HIPAA, FedRAMP, OWASP, etc.)

Responsibilities

• Design, implement, and operationalize cutting-edge network security technologies on-premises and in the Cloud
• Monitor network security controls for proper operation; plan and execute necessary technology maintenance; support Operations Team on remediations for identified deficiencies
• Resolve escalated service issues and coach other engineers on troubleshooting efforts; partner with other technology teams in handling and responding to internal customer issues, conducting problem analysis, providing solutions for service level improvements, and ensuring timely remediation of security issues in accordance with corporate policies and standards
• Develop processes to validate and attest proper operation of network security controls, dashboards, alerts, and reports Reporting Relationships As our Network Security Engineer, you will report to our Head of Cybersecurity Engineering Services, who reports to our Deputy CISO.

     Daram

Talent Acquisition Recruiter

MatchPoint Solutions | 6690 Amador Plaza Rd. Suite 225 | Dublin, CA 94568

Phone: +1 925-361-2638

Qualifications

Role: Network Security Engineer

Duration: 6 + Months

Location: This is a hybrid role and can be in other locations. The campuses are located in key business hubs, including Appleton, WI, Bethlehem, PA, Holmdel, NJ, New York, NY, Pittsfield, MA, Spokane, WA, and Stamford, CT.

Top must-have skills

• Cisco ISE, VMware NSX, and Cisco FMC

Position Summary:

The Cybersecurity Engineering Team Engineers builds and owns a broad variety of cutting-edge security controls and technologies that generally fall within the domains of Network, Endpoint, Data, and Identity Security and are deployed within Private and Public Cloud environments. The Team is also responsible for the operational efficiency and resiliency of the said controls and technologies and designs corresponding operational processes to be performed by its partner, the Cyber Defense Center Operations team. The Team assesses and prioritizes the modern cyber-attack vectors and partners with other companies’ cybersecurity and infrastructure teams to engineer effective cybersecurity protective controls, ensure efficient and non-disrupting operations of the controls, and build new and enhance existing Cyber Defense Center’s Monitoring and Response Use Cases with a goal to provide the Organization with the maximum level of protection and create robust countermeasures to prevent future cybersecurity incidents. Team members aid in investigations of suspicious activity on the infrastructure, troubleshoot application performance issues, and train and mentor the members of the Cyber Defense Services team to ensure efficient 24x7 production support for the owned technology. The Team also builds automation workflows, following DevOps methodology, for proactive remediation of service deficiencies and enables self-service capabilities for the owned technology, to be consumed by the internal customers. Reporting to the Head of Cybersecurity Engineering Services, the position will be responsible for the continuous improvement of resiliency and efficiency and broadening the capabilities of the Network Security controls that protect the network, the network edge, and the related endpoint components of the company’s infrastructure. The individual will be challenged by working across a heterogeneous technology stack, delivering on key projects, and responding to escalated operational issues.

A self-starter who is fueled by collaboration, able to transform conceptual thinking into executable insights who thrives in partnering across the company with security, network, compute, and storage engineering and operations teams and providing outstanding service to our internal business and technology customers.

Required

• Intellectual curiosity and proven record of spotting anomalies and identifying creative solutions to resolve deficiencies and optimize performance
• Strong analytical skills, particularly in assessing the risk and impact of sub-optimal control implementations and creativity in addressing and mitigating new threat and attack vectors
• 5+ years of experience with and a solid knowledge of:
• Network and perimeter security technology, including next-generation firewalls, intrusion prevention systems, and Internet proxies, preferably, Cisco products
• Network micro-segmentation approaches to Public and Private Cloud environments, preferably, VMware NSX
• TCP/IP protocol stack, including routing, network address translation, TCP/UDP connectivity, application-level protocols (HTTP, SMTP, DNS, etc.), and a proven track record of troubleshooting and resolving network connectivity and performance issues
• Proven ability to understand, interpret, and correlate the data produced by various event log sources -- network security devices, operating systems, web servers, Public Cloud IaaS, endpoint security controls, etc.
• Working knowledge of at least one modern scripting language (Python, Perl, PowerShell, etc.)
• Familiarity with ITIL; experience with the incident, problem, change, and risk management
• Strong communication and documentation skills, with the ability to develop and deliver standard operating procedures, workflow and decision tree diagrams, and training materials to internal customers
• Excellent organizational skills, detail-oriented, strong on workflow process; ability to manage and follow up on multiple competing priorities effectively; familiarity with Agile work planning methodology
• Customer-focused demeanor; excellent interpersonal skills and a sense of humor
• Desire, curiosity, and passion to learn and grow in the field of Cybersecurity
• Bachelor's degree in Information Technology or any STEM discipline; a Master's degree is beneficial Nice to have
• Knowledge of Cisco ISE and understanding of Microsoft Active Directory
• Recognized Security Industry and Public Cloud IaaS certifications (AWS, Azure, GCP)
• Understanding of CI/CD pipeline and the integrations with security controls
• Familiarity with security industry standards and best practices (NIST 800-53, ISO27001, NIST CSF, HITRUST, NYDFS-Cybersecurity, HIPAA, FedRAMP, OWASP, etc.)

Responsibilities

• Design, implement, and operationalize cutting-edge network security technologies on-premises and in the Cloud
• Monitor network security controls for proper operation; plan and execute necessary technology maintenance; support Operations Team on remediations for identified deficiencies
• Resolve escalated service issues and coach other engineers on troubleshooting efforts; partner with other technology teams in handling and responding to internal customer issues, conducting problem analysis, providing solutions for service level improvements, and ensuring timely remediation of security issues in accordance with corporate policies and standards
• Develop processes to validate and attest proper operation of network security controls, dashboards, alerts, and reports Reporting Relationships As our Network Security Engineer, you will report to our Head of Cybersecurity Engineering Services, who reports to our Deputy CISO.

     Daram

Talent Acquisition Recruiter

MatchPoint Solutions | 6690 Amador Plaza Rd. Suite 225 | Dublin, CA 94568

Phone: +1 925-361-2638

Additional Information

All your information will be kept confidential according to EEO guidelines.