Sr. Network Security Engineer

Job Description:

The Sr. Network Security Engineer works within a team of Engineers. The engineer must demonstrate extensive experience working with Network Security centric platforms at large organizations. The engineer must interpret the published Network Security Standards and implement solutions that conform to these standards. They must possess excellent documentation and communication skills and shall take part in strategy conversations to meet business needs.

The Sr. Network Security Engineer reports to the Network and Communication Services group and provides support across several business and technology groups.

Key Responsibilities:

1. Must perform duties with a self-starting demeanor
2. Document well-analyzed implementation and reversion plans for all changes
3. Administer and maintain Network Security platforms, such as, but not limited to:

• Firewalls
• Web Secure Gateways
• Network Admission Control
• DNS, DHCP, and IPAM

ADDITIONAL INFORMATION:

• 100% Remote candidates are acceptable
• Top 3 Skills:

1. Expert in Web Application Firewall (WAF) implementation, ideally Akamai
2. Good experience with Terraform, DNS, DHCP, and IPAM
3. Knowledge of PCI/DSS, NIST, ISO, and CIS.

Mandatory Skills:

• Conduct duties and behaviors with a cybersecurity centric mindset
• Bachelor’s degree in Computer Networking, Cybersecurity, or similar field of study, or equivalent industry experience
• Experience with the design and management of a PCI/DSS compliant network
• Working knowledge to identify all network segments subject to PCI/DSS requirements
• Ability to thoroughly analyze change requirements and execute implementation with minimal negative impact
• 5+ years of experience designing, implementing, managing, and troubleshooting Palo Alto firewalls
• Must have extensive experience troubleshooting a hybrid network with multiple vendor technologies
• Must have a thorough understanding of the OSI model to deduce and quickly identify problem areas
• Extensive technical knowledge in at least 3 of the following areas: Network Segmentation Techniques, Secure Web Gateways, Next-Generation Firewalls, Network Admission Control Systems, Hybrid Cloud Environments (AWS, Azure), Wireless Security, or DHCP, DNS and IPAM (DDI), Virtual Private Network (VPN), and Web Application Firewall (WAF)
• Strong understanding of network technologies, including, but not limited to: Routing and Switching Protocols, IPsec and GRE tunnels, RADIUS, TACACS+, VRFs
• Working knowledge of cybersecurity controls and technologies, such as Intrusion Detection/Prevention Systems (IPS/IDS), Security Incident Event Managers (SIEM), Public Key Infrastructure (PKI), Tunnel Layer Security (TLS), Endpoint Detection and Response (EDR), and Threat Intelligence platforms
• Excellent verbal and written communication skills
• Ability to prioritize multiple simultaneous projects

Desired Skills:

• Industry recognized Network Security Certification preferred

An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. EEO IS THE LAW. CC Pace invites any applicant and/or employee to review the Company’s written Affirmative Action Plan. This plan is available for inspection upon request. If you are an individual with a disability and would like to request a reasonable accommodation as part of the employment selection process, please contact us.