Job Description: The security engineer will be responsible for performing operational tasks associated with virtual and physical firewalls including Palo Alto, Cisco, Juniper, Fortinet, and Checkpoint running on Sun, Nokia, and Crossbeam. Vulnerability and remediation management, strong troubleshooting, and hands-on with older firewall platform experience is expected. In addition, the ability to work independently on moderate to complex projects and manage technical issues will be required. Candidates must be able to work collaboratively within a small group as well as with other teams such as Product Management, Security and Network Engineers and Service Managers.
Daily Responsibilities:
- Identify vulnerabilities and remediate via patching, upgrades or configuration
- Troubleshoot technical issues and responding to escalations as needed
- Develop and test firewall deployment and configuration procedures
- Perform IPS installation and configuration as needed
- Perform risk assessment associated with documented procedures
- Perform some configuration and policy creation activities as needed
- Use Palo Alto Tool for performing policy conversions from various vendor platforms to Palo Alto format
Required Experience:
- 7+ years working as an Engineer in large scale enterprise network
- 5+ Years’ hands-on experience as a security engineer working with management and configuration of firewalls including Palo Alto, Checkpoint, Cisco and Fortinet, and with firewall policy development and troubleshooting
- 2+ year experience working with Intrusion Prevention (IPS) and Intrusion Detection (IDS) systems
- Proven experience as a network engineer working with Wireshark or other packet capture software and packet analysis tools on protocols such as TCP/IP (BGP, OSPF, IPSec), Routing and Switching and network management protocols and tools such as SNMP, LDAP, AAA.
Preferred Experience:
- Proven project experience working with Encryption and Hashing Algorithms DES, 3DES, AES, RSA, MD5 and SHA-1
Security Certifications a real plus: CISSP (ISC)2, CISM, CompTIA Security+, OSCP, etc.
Education: BS (minimum) or MS degree in CIS, Security, Engineering, Math, Telecommunications, Sciences.
Notes: Some maintenance window work required (less than 10%)