Sr Network Engineer

» Sr Network Engineer
Information Technology
in Orlando
, FL
Reference: 19-03126

Description: 

The role of the Sr. Engineer, Information Security Operations is to be a part of security team that safeguards the enterprise infrastructure and information across our client’s worldwide holdings domestically and internationally. The position scope involves implementation, maintenance and configuration of key enterprise security initiatives. Specific initiatives include maintaining and configuring the following products as well as other security devices & operations:

  • Proactively implements, updates, maintains, manages, monitors, and supports enterprise network and systems security operations infrastructure throughout the shared services environment
  • Performs change control and device configuration management activities on all security hardware
  • Provides management level reporting of firewall and Intrusion Protection System (IPS) activity on a periodic basis
  • Participates in security incident response team activities, providing and implementing tactical risk mitigation to incidents
  • Actively protects the availability, confidentiality, and integrity of customer, employee, and business information
  • Works with other Enterprise security team members to review security architecture and design documents to ensure consistency, accuracy and compliance with the articulated security posture and industry requirements
  • Provides vulnerability and threat management monitoring and mitigation response
  • Participates in tactical and operational planning of vulnerability assessment activities
  • Contributes to Enterprise security team effectiveness by accomplishing additional security related results as needed
  • Assists Senior and Lead Information Security Engineers in the review, development, testing and implementation of security plans, products and control techniques
  • Participates in operations and tactical planning
  • Follow the sun schedule, engineer will be required to handle 1 on call shift for 7 days 1X per month

Education:

  • Bachelor Degree in IT field or equivalent experience

Qualifications:

  • 8 years + industry experience
  • Expert troubleshooting skills and ability to research complex issues
  • Extensive experience in field and ability to mentor and guide engineers
  • In depth knowledge of network security best practices
  • Expert level experience with Check Point Firewalls
  • Must have the ability to troubleshoot complex issues
  • Experience with Provider One or Check Point’s Smart Center management station
  • Experience managing Tipping Point Intrusion Protection System or Sourcefire management and configuration experience
  • Experience with Proxy/URL filtering appliances
  • Experienced in configuration and implementation of:
    • Checkpoint Firewalls
    • Sourcefire and Tipping Point IDS/IPS
    • Bluecoat Proxy
    • CISCO ASA

Training Requirements:

  • Any certifications around the specific Network Security Operations Infrastructure tools utilized by our client (Checkpoint, Bluecoat, Pulse Secure, RSA, are a plus)
  • Relevant security certifications preferred:
    • SCNA
    • GCIH/GCIA
    • CISSP
    • CISM
    • OSCP
    • CCNP Security
  • Other certifications may include:
    • CISSP-ISSAP
    • CISSP-ISSEP
    • CCMA
    • GSE
    • CCIE-Security

Knowledge and Skills:

  • Ability to coordinate, work with and gain the trust of business stakeholders, technical resources, and third-party vendors
  • Able to work under pressure in time critical situations
  • Strong attention to detail in conducting analysis combined with an ability to accurately record full documentation in support of IAM processes
  • Detailed knowledge of current regional and international best practices in the IAM arena
  • Excellent written and verbal communication skills are required
  • Ability to communicate effectively with business representatives in explaining impacts and strategies and where necessary, in layman’s terms

Technical Skills:

  • Check Point firewalls via Provider-1/Smart Console, GAIA R76+ experience preferred
  • Checkpoint IPS Blades
  • Pulse Secure and Checkpoint VPN appliances
  • AWS and Security Groups
  • Tipping Point IPDS and SMS Management server systems
  • Sourcefire IDP – Fine tuning and custom signatures
  • Cisco ASA/PIX site-to-Site VPN
  • Bluecoat Proxy and content filtering
  • Bluecoat/Content filtering Cloud base WSS
  • RSA two factor configurations
  • Demonstrated ability to work under pressure, possess good written and oral communication skills, attention to detail, and be self-motivated
  • Ability to analyze business processes to improve security assurance posture of the department
  • Ability to work independently to achieve departmental objectives
  • Understanding of operating system level security and user access audit logging
  • Some experience with account management within Unix
  • Fundamental understanding knowledge – Java, XML, C#, Visual Basic, PowerShell (plus)
  • Fundamental knowledge of SOX/PCI/PII regulations

Job Experience:

  • Minimum of 5 years’ experience in the area of team/vendor management
  • 5 years of experience in Network Security Operations Infrastructure in large, mission-critical environments