Network Security Engineer

Location: Remote

Duration: Initial 6 months contract plus extension

Work Requirements: US Citizen, GC Holders or Authorized to work in US

Network Security Engineering services to validate existing firewall rulesets in place and approve new firewall requests for client's on-premise and cloud firewalls. The project requires that all firewall rules be reviewed and optimized, removing legacy rules, and validating business owners for existing production rules to meet Automated Cybersecurity Evaluation Toolbox (ACET) evolving private banking audit requirements. Additionally, the project requires security engineering services support the integration of FireMon and ServiceNow ticketing to automate the quarterly and annual firewall rules compliance reviews.

Network Security Services

1. Firewall Rule analysis across various vendor devices (over 30,000 firewall rules & 11,000 servers)
2. Ensure new firewall rule requests align with client’s security and compliance policies
3. Recommendation of Firewall Rule security and design improvements
4. Validation of rules to disable
5. In-depth troubleshooting of infrastructure as applicable
6. Establish and maintain system documentation
7. Integration support between FireMon and ServiceNow
8. Integration support between Firemon and Illumio
9. Tracking of Firewall Rule status and their metrics
10. Ability to provide OnCall coverage and work after-hour changes as needed to support project/KTLO efforts

Firewall Rule Configuration and Audit Consulting:

1. Review existing FireMon rule audit reports and findings with client’s team (hit counts, unused rules, etc.)
2. Determine process for rule owner identification and cleanup
3. Review of firewall rules – Cisco and Check Point virtual firewalls
4. For each rule, determine current asset owner and document
5. For each rule, validate if the firewall rule is still required for all assets covered by rule (consult Navy Federal rule owners)
6. If rules contain assets that are no longer in production or policy that is no longer required, document finding and schedule change control to remove/clean up rule from existing firewall policy.
7. Leverage existing firewall management tools for discovery and maintenance/cleanup:
   • Adaptive Security Device Manager (ASDM)/Cisco Defense Orchestrator and FireMon Security Manager
8. Determine and document process for validating rules with client's team members
9. Monitor ServiceNow ticket queue to avoid SLA delay for client tickets

• Bachelor's Degree in Computer or Electrical Engineering, Computer Science or related field or equivalent work experience
• 7 – 10 years advanced hands-on experience and knowledge
• General understanding of Cisco CDO for legacy Cisco ASAs
• Knowledge of Palo Alto SCM for NGFW migration and effort estimation
• Check Point experience needed
• FireMon experience needed
• Azure Cloud experience a plus
• Palo Alto experience a plus
• Splunk experience needed
• Cisco CCNA cert OR CompTIA Security+ (Plus) Certification
• Experience in large company environments, preferably financial institutions
• Cross-functional communication skills

A Cyber Security Engineer protects the organization's computer systems and networks from cyber threats by implementing security measures, monitoring systems, and responding to incidents. Key skills include expertise in executing security measures, proficiency with firewalls, VPNs, IDS/IPS, web proxies, and strong attention to detail and problem-solving skills.

• Comprehensive medical benefits
• Competitive pay, 401(k)
• Retirement plan
• …and much more!

Technology is our focus and quality is our commitment. We deliver flexible technology and talent solutions tailored to client needs. Learn more at inspyrsolutions.com.

INSPYR Solutions provides Equal Employment Opportunities (EEO) to all employees and applicants, complying with all applicable laws.