Back to Job Search

Senior Security Engineer

  • Location: Austin, 78745
  • Job Type:Contract

Posted 26 days ago

Position:  Senior Security Engineer

Location: Remote

Duration: 12 months

Our client, a global telecommunications leader is seeking a Senior Network with the ability to install, manage and maintain Firewalls in both on-premise and cloud environments.  Demonstrated experience in supporting CISCO ASA/Firepower and Fortinet Firewalls as an engineer is REQUIRED. Holding one or more vendor-neutral security certifications or CISCO/Fortinet certifications (e.g., Security +, CISM, CISSP) is a plus for this position.

This position supports a customer out of AUSTIN, TX, and will support the customer’s need to run and maintain the CISCO and Fortinet Firewalls. This position is in direct support (on-site at customer facilities) of our client’s customer in the government sector.  Our client is providing Managed Security Service Provider (MSSP) functions related to the Security Operations Center (SOC) including Tier 1 through Tier 3 resource capabilities and activities related to security monitoring, threat, and vulnerability management and incident response (IR).  Selected candidates must be US Citizens, pass a CJIS background check process, and complete basic safety and security training to meet the customer requirements.   Candidates must be 18 years of age or older.

Responsibilities

  • Run and maintain firewalls and WAFs for customer.
  • Configure, deploy, and troubleshoot Cisco and Fortigate Firewall Platforms
  • Work under limited supervision support and engineering of the WAF and Firewall policies
  • Engineer and Architect solutions using WAFs and firewalls. Develops and maintains WAF and firewall  documentation.
  • Work with internal delivery teams to integrate applications with WAF policies
  • Provide accurate and timely reporting on all project deliverables
  • Analyze firewall configurations and rule sets.
  • Develop and maintain rule sets for firewalls.
  • Help determine tactics, techniques, and procedures (TTPs) for firewalls.
  • Recommend computing environment vulnerability corrections.
  • Perform patch management for MSSP Security tools and customer's security tools.
  • Ability to work with provided security policies to design and implement network and security rules and configurations across various security platforms.
  • Perform Changes to Firewalls as specified by customers.
  • Ability to work with provided security policies to design and implement network and security rules and configurations across various security platforms.
  • Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
  • Document and escalate incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
  • Create and document procedures and work instructions for use by the SOC staff (Tier 2- Tier 3).
  • Train and mentor other engineers as needed.

 

Candidate Requirements

 

Required Experience:

  • Eight (8) years of experience in CISCO/Fortinet FW administration, engineering, and configuration.
  • Demonstrated experience using either an Enterprise/MSSP and/ or cloud Security SIEM technologies as an analyst.
  • Ability to support and work across multiple customer and bespoke systems.
  • Must be able to pass a CJIS background check process and other background checks to comply with customers contracts.
  • Complete basic safety and security training to meet the customer requirements.
  • Ability to work a rotating shift and/or on-call schedule as required.
  • CompTIA Security + certification or equivalent/higher
  • Candidate should have strong communications skills, both written and verbal, be comfortable presenting information to teammates, customer technical personnel and AT&T Leads and Managers.
  • Working knowledge of Windows Active Directory Domains
  • Working Knowledge of various Linux OS
  • Strong Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
  • Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).
  • Knowledge of computer networking concepts and protocols, and network security methodologies.
  • Knowledge of cybersecurity and privacy principles.
  • Knowledge of encryption algorithms, cryptography, and cryptographic key management concepts.
  • Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
  • Knowledge of incident response and handling methodologies.
  • Knowledge of network traffic analysis methods.
  • Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
  • Knowledge of security system design tools, methods, and techniques.
  • Knowledge of different types of network communication (e.g., LAN, WAN, MAN, WLAN, WWAN).
  • Knowledge of cyber defense and information security policies, procedures, and regulations.
  • Knowledge of the common attack vectors on the application layer.
  • Knowledge of system administration, network, and operating system hardening techniques.
  • Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
  • Knowledge of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
  • Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • Knowledge of how to use network analysis tools to identify vulnerabilities.

Preferred Requirements:

The Preferred candidate holding one or more of the industry certifications will be a plus

  • Any CISCO Certifications
  • Any Fortinet Certifications
  • Other Certs - such as CompTIA Networking+, any Cloud Certifications, Azure Sentinel

Candidates will be responsible for following the client's COVID-19 protocols. Please refer to your MATRIX representative for specifics.

About Us

At MATRIX, we expertly match talented professionals with job opportunities to elevate careers. Since 1983, we have placed thousands of professionals at innovative clients across every industry ranging from small startups to Fortune 50 companies. It’s why we’re consistently in the top 25 of all U.S. IT staffing firms and why our consultants rate us well above the industry average, earning us ClearlyRated's Best of Staffing awards year after year. People come to us for a job, and stay with us because of our top-notch consultant care.

MATRIX is and Equal Employment Opportunity employer including disability and veteran and provides reasonable accommodations for all qualified individuals.  Supporting medical or religious documentation will be required where applicable. If you are a qualified individual you may request a reasonable accommodation under the American Disability Act (ADA). If you are a person with a disability needing assistance applying, or at any point in the hiring process, please email us at MATRIX_HR@MatrixRes.com. To ensure a quick response to your request, please use the words “Accommodation request” as the subject line of your email.

For hourly W2 contract roles MATRIX offers a highly competitive benefit package including Medical, Dental, Vision, Life, Disability, HSA, and 401(k) with pre and post-tax options.  Please see MatrixRes.com/Benefits for more information.

For direct hire placement with our clients, benefits would be offered in accordance with that particular client’s offerings. This may include PTO, Medical, Dental, Vision, 401K and other pre and post-tax options.