Network Security Engineer/Architect

Telecommuter

Applications have closed

Planned Parenthood

Planned Parenthood Federation of America is a nonprofit organization that provides sexual health care in the United States and globally.

View company page

Planned Parenthood Federation of America (PPFA) is the national umbrella organization for the nation’s leading network of women’s health care providers, educators, and advocates, serving women, men, teens and families. Planned Parenthood Action Fund (PPAF) is the advocacy and political arm of PPFA. For over 100 years, Planned Parenthood has done more than any other organization in the United States to improve women’s health and safety, prevent unintended pregnancies, and advance the right and ability of individuals and families to make informed and responsible health care decisions.  
Planned Parenthood Federation of America (PPFA) and Planned Parenthood Action Fund (PPAF) seeks a dynamic and effective Network Security Engineer/Architect. This job reports directly to the Sr. Dir, Security Operations in the Information Security division of PPFA. The Office of Information Security provides the strategy and implementation of the information security program that safeguards the data entrusted to Planned Parenthood by its patients, supporters, donors and staff.

Purpose

  • The Network Security Engineer/Architect will work within a multi-disciplined team to support the Information Security Operations and Security Architecture domains by providing engineering expertise on end to end networking security infrastructure, including on-prem and cloud-based environments, physical and virtual security products, Next Generation Firewalls, CASB/SASE frameworks, as well as the DevSecOps initiatives, while following network security architecture standards and best security practices. This role adapts programs/policies to deliver a portfolio of projects and services. This role captures specific aspects of the customers’ needs or operational environment to ensure optimal project design/delivery. 

Delivery

  • The Network Security Engineer/Architect will have primary responsibility for deploying and configuring Next Generation (Palo Alto) Firewalls to include implementing and adjusting firewall/networking policy rules, web proxies/DNS filters, cloud/host network security controls, traffic capture/logging, CASB/SASE configurations and other security-related constructs at the network layer and cloud environment level. Additionally, they will manage both AWS and Google security configurations, as well as overall network vulnerability management, along with identifying and providing recommendations for resolving security concerns related to the network environment, and will support security architecture networking priorities according to the security architecture roadmap. This role will support optimal delivery through adapting procedures and may affect quality project/service delivery. 
  • The engineer will also support in the development and management of information security operations, maintenance activities, written policy and SOP’s, and assists in the design/implementation of emergency/incident response processes and BCP/DR network redundancy.
  • The engineer is responsible for developing security control implementation plans and coordinating the development of advanced security network initiatives or access control mechanisms that can be implemented on security systems such as intrusion prevention/detection systems, firewalls, routers or endpoints in response to new or observed threats within the enterprise.
  • The engineer will leverage working knowledge of security and security tool technologies to improve the security posture and will provide leadership and guidance in identifying current tool capabilities and improvements that can be applied to their configuration through configuration tuning or improved processes.
  • At the direction of the Security Architecture Director, will successfully complete Security Architecture prioritized deliverables.
  • The engineer will implement and adjust both AWS & GSuite configurations in accordance with AWS/GSuite security best practices including AWS/GSuite HIPAA configuration requirements.
  • The engineer will assist in audits, surveys and assessments and maintain security-related procedures applied to new and ongoing network services and security architecture priorities. 

Engagement

  • The Network Security Engineer/Architect will engage with all team members in Information Security, IT Operations, DevSecOps, Architecture, Information Technology, PPFA strategic business partners, and management staff within PPFA.
  • Work closely the security team to establish prevention, detection, and mitigation techniques to protect the core networking system capabilities
  • Vendor relationship management with key networking vendors, MSP and MSSP providers.
  • Collaborate with colleagues and clients while reflecting empathy of perspectives, identifying recognition of mutual/complementary interests

Knowledge, Skills and Abilities (KSAs)

  • Reports to the Sr. Dir, Security Operations and will work closely with Sr. Director, Security Architecture. BA or BS in Information Security, Information Assurance, Computer Science, Engineering or related field.
  • 5+ Years’ experience in Information Security Networking, Engineering and Architecture roles
  • Hands-on implementation and troubleshooting experience configuring Palo Alto and other Next Generation Firewalls (NGFW’s) - along with experience in SDN/SD-WAN and Secure Access Service Edge (SASE) platforms.
  • Possess Palo Alto certifications i.e. Palo Alto Networks Certified Network Security Administrator (PCNSA) or Palo Alto Networks Certified Network Security Engineer (PCNSE) preferred. 
  • Hands-on experience with and knowledge of IT security architecture and design (e.g., firewalls, IPS/IDS systems, CASB/SASE, virtual private networking, virus protection technologies, LAN/WAN design, cloud security platforms (AWS,Azure, Google) and/or general internetworking technologies)
  • Full understanding of IP network and security engineering
  • Knowledge of threat and vulnerability analysis, routing protocols, routing, intrusion detection systems, intrusion protection systems, Domain Name Service, and network traffic analysis.
  • Ability to write concise analytical reports and assessments.
  • Ability to write / diagram network & cloud infrastructure topologies.
  • Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience.

Travel

  •  As needed
Starting Salary: 125k
*LI-KM1
Final offers for this job will be based on capabilities and will be made within the parameters of the PPFA compensation program. Total offer package to include generous vacation + sick leave + paid holidays, individual/family provided medical, dental and vision benefits effective day 1, life insurance, short/long term disability, paid family leave and 401k. We also offer voluntary opt in for Flexible Spending Account (FSA) and Transportation/Commuter accounts.   
We value a truly diverse workforce and a culture of inclusivity and belonging. Our goal is to attract qualified candidates and encourage applications from all individuals without regard to race, color, religion, sex, national origin, age, disability, veteran status, marital status, sexual orientation, gender identity, or any other characteristic protected by applicable law.  We're committed to creating a dynamic work environment that values diversity and inclusion, respect and integrity, customer focus, and innovation.
PPFA participates in the E-Verify program and is an Equal Opportunity Employer
*LI-KM1*PDN-HR

Tags: Audits AWS Azure Cloud Computer Science DevSecOps DNS Firewalls HIPAA IDS Incident response Intrusion detection Intrusion prevention IPS Network security NGFW Strategy Vulnerability management

Perks/benefits: Flex hours Flexible spending account Flex vacation Health care Insurance Medical leave

Region: Remote/Anywhere
Job stats:  37  5  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.