This is an individual contributor role responsible for solving problems and taking a broad perspective to identify innovative solutions. This is at an intermediate professional level and works independently with minimal guidance, and requires a high level of proficiency in networking and security disciplines.
This position is responsible for the day-to-day design and administration of the network firewalls and proxy systems, designed to protect networks and systems from malicious/unauthorized network access or misuse.
Design, plan and implement aspects of the network security infrastructure
Work closely with customers in the pre-implementation process to design and architect desired customer solutions.
Work closely with the implementation team to quality check deployments and perform initial vulnerability assessment as part of the customer environment acceptance process.
Perform ongoing optimization of the network security devices to ensure adequate capacity, availability, and scalability
Research, plan and coordinate complex maintenance activities
Having a broad knowledge of information security, understanding application, data, threats and mitigation, and security trends.
Primary responsibilities include updating firewall rules/policies to meet customer requirements, validating that user requests do not allow unauthorized network access, firewall log analysis, and troubleshooting network connectivity problem via the use of packet capture using packet capture technologies.
Troubleshooting firewall fault conditions and coordinating firewall rebuild efforts
Coordinates with the customer’s Security Operations Centre to proactively defend against the known exploits and vulnerabilities.
Coordinate with customer’s team to configure internet proxy servers to restrict corporate internet access to support the company’s acceptable use policy.
Diagnoses and resolves network connectivity problems in short time frames
Applies security software patches and assists in capacity expansions.
Updates incident and change management records.
Identify improvements focusing on strategy, service integration, monitoring, documentation, and Automation opportunities.
Utilizes existing tools and leverages open-source solutions to automate tasks with an emphasis on scalability and reliability.
Provides technical support for activities that improve the security posture of Customer’s networks.
Bachelor’s degree in engineering, computer science, telecommunications or a related field is required.
A minimum of 6+ years of professional experience
Strong Experience in Enterprise Networking (Routing, Switching, TCP/IP, etc.)
Strong experience in standard Enterprise Network Firewalls such as Check Point, Fortinet, and Palo Alto Networks.
Experience in Linux and Windows operating systems (high comfort level using CLI interface)
Strong experience with one or more of the open-source and leading proxies such as Squid, Symantec, Zscaler, Forcepoint, etc.
Experience on SIEM and Helpdesk solutions
A self-motivated, attitude of ownership, and a strong desire to learn
Lead and mentor junior team members, on various aspects of network security.
Experience administering enterprise IP networks in mission-critical, 24×7 production environments
Demonstrated ability to systematically troubleshoot problems in complex systems and network environments
CCNP (Security), certifications from one of the other Firewall vendors like Checkpoint, Juniper, Fortinet, Palo Alto, etc.
Familiar with ITIL concepts such as Incident, Change, and Problem Management
Nice to have:
Knowledge experience with one or more programming languages, (Power shell, Python, Yaml, or Groovy)
Exposure to CASB, Web Isolation solutions
Experience with WAF solution on cloud and on-prem, such as Imperva, Akamai Cloud, F5, Fortinet, etc. (nice to have Experience on Anti-DDoS Solutions – Radware, Nexusguards, Arbor Networks, Akamai)
Ability to manage Provider-1 and/or Panorama management and logging systems