Job summary
a security specialist role focused on cyber security operations.
the position involves enhancing technical controls deployed for a worldwide enterprise and designing, installing, configuring, and troubleshooting network security products.
this is an opportunity to serve as a network security design engineer on corporate security programs.
key responsibilities:
* enhance security technical controls for a global organization
* design, install, configure, and troubleshoot network security products
* serve as the network security design engineer on corporate security programs
* provide expert level research and analysis for planning, organizing, and managing corporate-wide network security functions related to firewall & proxy technologies
* drive ongoing performance, availability, and capacity optimization
* identify and document business cases, requirements, and solutions
* translate functional business requirements into a technical solution that conforms to security standards
* link technical capabilities to strategic roadmaps and business needs
* identify gaps, suggest best practices to enhance security posture
* upgrade in-scope security infrastructure to maintain current versions
* keep patches up to date on in-scope security infrastructure
* standard escalation to senior staff
* maintain an audit review process for policy exceptions
* automation of common processes to reduce workload
* participation in root cause analysis with senior level engineers
* troubleshooting with end users
* response and participation on critical incidents as part of an emergency response team (ert)
* remediating virus infections either directly or through collaboration with field services teams
* develop security key performance indicators around technologies
required skills and qualifications:
* must have: overall experience varying from 2 yrs till 6 yrs
* hands-on and expert level experience in handling and troubleshooting below tools and technologies
* firewall – cisco, palo alto preferred or others
* web proxy – zscaler preferred or others (zia and zpa)
* ssl vpn – cisco anyconnect, palo alto global protect preferred or others
* intrusion prevention system (ips) appliances – cisco firepower preferred or others
* ipsec tunnel configuration and troubleshooting
* stateful inspection and managing next gen firewalls
* extensive understanding of remote access solutions
* knowledge of external services environments including ssl certificate exchange, remote access solutions, and business to business interconnects (site-to-site vpns)
* firewall management and monitoring solutions
* strong understanding of tcp/ip, web protocols and networking concepts
* experience as a technical lead guiding other technical resources
* ability to balance security with end user productivity for technical controls