Cyber Security Engineer

BRMi is seeking a Cyber Security Engineer

A Cyber Security Engineer protects the organization's computer systems and networks for cyber threats by implementing security measures, monitoring systems, and responding to incidents1. Expertise in executing security measures for protection of data, systems, and networks2. Proficiency in firewalls, VPNs, IDS/IPS, web proxies, etc.3. Strong attention to detail and problem-solving skills.

Benefits:• Comprehensive Medical, Dental, and Vision Insurance• Employer-Paid Life Insurance• Employer-Paid Short-Term and Long-Term Disability Insurance• 401(k) Plan with Immediate Vesting eligibility on the first of the month following start date• Paid Time Off (PTO) that includes Vacation Leave, Sick Leave, and 11 Paid Holidays• Educational Assistance

Salary Range: 70k-110k

Target:80k-85k

**Can be 100% remote in TX, NJ, NC, WV, AL, VA, MD, MO, DC, GA, or FL**

Clickhereto learn about BRMi's culture.

Clickhere to see BRMi’s Glassdoor reviews

Project Summary: Network Security Engineering services to our customer is to validate existing firewall rulesets in place and approve new firewall requests for Navy Federal’s on-premise and cloud firewalls. The project requires that all firewall rules be reviewed and optimized, removing legacy rules, and validating business owners for existing production rules to meet Automated Cybersecurity Evaluation Toolbox (ACET) evolving private banking audit requirements. Additionally, the project requires security engineering services support the integration of FireMon and ServiceNow ticketing to automate the quarterly and annual firewall rules compliances reviews.

• Network Security Services:
  • Firewall Rule analysis across various vendor devices (over 30,000 firewall rules & 11,000 servers)
  • Ensure new firewall rule requests align with Navy Federal’s security and compliance policies
  • Recommendation of Firewall Rule security and design improvements
  • Validation of rules to disable
  • In depth troubleshooting of infrastructure as applicable
  • Establish and maintain system documentation
  • Integration support between FireMon and ServiceNow
  • Integration support between Firemon and Illumio
  • Tracking of Firewall Rule status and their metrics
  • Ability to provide OnCall coverage and work after-hour changes as needed to support project/KTLO efforts
• Firewall Rule Configuration and Audit Consulting:
  • Review existing FireMon rule audit reports and findings with Navy Federal’s team (hit counts, unused rules, etc.)
  • Determine process for rule owner identification and cleanup
  • Review of firewall rules – Cisco and Check Point virtual firewalls
  • For each rule, determine current asset owner and document
  • For each rule, validate if the firewall rule is still required for all assets covered by rule (consult Navy Federal rule owners)
  • For each rule, if rules contain assets that are no longer in production or policy that is no longer required document finding and schedule change control to remove/clean up rule from existing firewall policy.
  • Leverage existing firewall management tools for discovery and maintenance/cleanup:
  • Adaptive Security Device Manager (ASDM)/Cisco Defense Orchestrator and FireMon Security Manager
  • Determine and document process for validating rules with Navy Federal team members
  • Monitor ServiceNow ticket queue to avoid SLA delay for client tickets
• Perform other duties as assigned

• Bachelor's Degree in Computer or Electrical Engineering, Computer Science or related field or equivalent work experience
• 7 – 10 years advance hands on experience and knowledge
• General understanding of Cisco CDO for legacy NFCU Cisco ASAs
• Knowledge of Palo Alto SCM for NFCU NGFW (Next Gen Firewall) migration and level of effort
• Checkpoint experience needed
• FireMon experience needed
• Azure Cloud experience a plus
• Palo Alto experience a plus
• Splunk experience needed
• Cisco CCNA cert **OR CompTia Security+ (Plus) Certification**
• Worked in a larger company environment (preferably financial institution)
• Cross functional communication

**BRMi will not sponsor applicants for work visas for this position.**

**This is a W2 opportunity only**

EOE/Minorities/Females/Vet/Disabled

We are an equal opportunity employer that values diversity and commitment at all levels. All individuals, regardless of personal characteristics, are encouraged to apply. Employment policies and decisions on employment and promotion are based on merit, qualifications, performance, and business needs. The decisions and criteria governing the employment relationship with all employees are made in a nondiscriminatory manner, without regard to race, religion, color, national origin, sex, age, marital status, physical or mental disability, medical condition, veteran status, or any other factor determined to be unlawful by federal, state, or local statutes.