Network Security Engineer

PURPOSE OF POSITION:
The Network Security Engineer is responsible for the implementation, maintenance, and integration of the corporate WAN, LAN and server architecture. This individual is also responsible for implementation and administration of network security hardware and software, enforcing the network security policy and complying with requirements of security audits and recommendations. Under general direction, he or she is involved in the full life cycle of network security management. Assists in the development and implementation of security policies, procedures, and measures in a networking environment. Responsible for firewall configuration, maintenance, monitoring and other various network security measures. Performs security assessments and reviews networking initiatives for security compliance. Evaluates and recommends security products for various platforms in the networking environment. Educates users about network security policies and consults on network and security issues.

JOB RESPONSIBILITIES:
NOTE: The following are major responsibilities of this position but are not intended to cover each aspect, as the scope and duties may change or temporarily alter based on business needs. The basic requirement of every position is to perform all tasks as assigned by the reporting authority.

Plan and work with network teams to drive implementation of the technology and its capabilities. Responsible for the architecture of the technology in Network Security, such as Checkpoint Firewall, Proxy/Reverse Proxy, IDS/IPS, Network Segmentation, Files access, AD accounts control, etc.

Lead Security Engineering Design and Implementation. Plan, research, and design robust security architectures based on current security best practices and industry frameworks.

Drive the development of security specifications, standards, and processes to ensure adequate protection of corporate network

Proactively identifying network capacity and performance issues to ensure uninterrupted service

Work with other architects to design the security solutions for applications or systems, and/or provide expertise and consulting to the project teams on security controls needed

Help governing security standards and architecture directions when supporting business needs and establishing business capabilities

Serve as an information security advisor to key technology and business stakeholders, establishing trust relationships through active engagement and collaboration

Participate in application and infrastructure projects to provide security planning and guidance

This position will be responsible for understanding cross-company business needs and designing solutions that meet business requirements while maintaining confidentiality, integrity and availability of information and systems

Create Security Architecture Specifications for multiple Information Security Domains including but not limited to; Governance, Cloud, Wireless, Collaboration

Define, implement and maintain corporate security policies and procedures

Perform risk analysis and security assessments

Perform reporting and metrics

Manage security integration projects for custom, key applications and systems

Assist with creation, maintenance, and implementation of Information Security strategy

EDUCATION/KNOWLEDGE/EXPERIENCE:
Bachelor’s degree in Computer Science, Information Technology, or related field.

Minimum of 5 years prior experience in global information technology infrastructure environment.

Ability to communicate security, information protection, DLP- related concepts to a broad range of technical and non-technical staff, including senior business leaders.

Must hold or be willing to pursue relevant information security, data privacy, and/or information protection related certifications, such as CISSP, CIPT, or equivalents.

Experience in designing and implementing technical solutions for network security, including firewall, proxy services, VPN/remote access, intrusion detection/ prevention, and software-defined network security

Ability to design end-to-end network security solutions across the IT ecosystems

Experience leading implementation programs for improved network security, including segmentation, perimeter and in-depth monitoring, and active response

Understanding of privacy and data security laws/regulations (domestic & international) and industry best practices or frameworks is preferred (e.g. HIPAA, GLBA, PCI-DSS, FFIEC, NIST, GAPP).

Familiar with:
Network segmentation and isolation techniques and strategies

Remote access methods and technologies

Encryption methods and technologies (data at rest and in transit)

Public Key Infrastructure

Network (wired and wireless) Security

Intrusion Detection (within and from outside the perimeter)

Mobile Device Management

Denial of service mitigation strategies and supporting technologies

Patch Management strategies and supporting technologies

Network and Host Firewalls

Extreme Networks switches (Certification is a Plus)

Cisco Routers

Checkpoint Firewalls (Certification is a Plus)

Microsoft Azure and office 365 cloud services

Aruba Networks WLAN Access Points

Network security policy design and management

Security in heterogeneous networks including Azure, office 365 and other cloud services.

Data security assessment

CORE COMPETENCIES:
Self-Management : Personal Credibility, Stress Management, Flexibility, Self Confidence, Initiative, and Thoroughness

People Competencies : Effective Communication, Builds Collaborative Relationships, Self-Awareness, and Interpersonal Awareness

Business Competencies : Technical Skills, Customer Focus, and Critical Thinking