The Senior Network Systems and Security Engineer is responsible for the implementation, maintenance, and integration of the corporate WAN, LAN and server architecture with a focus on security. The main focus of this role is to manage and administer systems that involve OSI layers 1 through 4.
Additional responsibilities include implementation and administration of network security hardware and software, enforcing the network security policy and complying with requirements of external security audits and recommendations.
Configure and install various network devices and services (e.g., routers, switches, firewalls, load balancers, VPN, QoS)
Perform network maintenance and system upgrades including service packs, patches, hot fixes and security configurations
Monitor performance and ensure systems availability and reliability
Monitor system resource utilization, trending, and capacity planning
Work within established configuration and change management processes to ensure awareness, approval and success of changes made to the network infrastructure
Ensure availability of network infrastructure as per established SLA’s
Maintain security, backup, and redundancy strategies
Maintain and administer perimeter security systems such as firewalls and intrusion detection systems.
Create alerts that notify appropriate personnel on threats
Enable controlled access to corporate security zones as required.
Perform analysis of network security needs
Oversee, deploy and review Data Loss Prevention tools and end point security components.
Assist in technical security assessments, code reviews and vulnerability tests to highlight risks and help the company to improve security.
Develop technical solutions to help mitigate security vulnerabilities.
Assist with penetration testing to determine vulnerabilities and mitigate them.
Create processes for authentication, authorization and encryption algorithms
Work with vendors to facilitate corrective actions
Provide Level-2/3 support and troubleshooting to resolve issues
Monitor and test application performance for potential bottlenecks, identify possible solutions, and work with developers to implement those fixes
Participate in the design of information and operational support systems
Contribute to design, integration, and installation of hardware and software.
Conduct research to identify new attack vectors against company’s product and services and corporate assets.
Keep current with changing cyber threats and malware risks.
University degree in Computer Science or a related subject with 4 years of hands-on network engineering experience (eg. Cisco Catalyst, Cisco Router, Cisco Nexus) and of experience installing, configuring and troubleshooting Windows and UNIX/Linux based environments
CCNP or higher (CCIE and/or CISSP highly valued)
Deep understanding of networking protocols (e.g., VPN, IPSEC, BGP, OSPF, L2-Switching, VLAN, STP, QoS)
Solid understanding of the OSI and TCP/IP model
Must have strong understanding of Firewall Security (eg. IPS, Policies, NAT, Sonicwall experience highly valued)
Understanding the Cloud Security strategy.
Hands-on experience with monitoring, network diagnostic and network analytics tools
Solid experience in the administration and performance tuning of application stacks (eg. Tomcat, IIS, Apache, Load balancer, etc)
Experience with virtualization (eg. VMware, Hyper-V)
Experience with monitoring systems, protocols (Netflow) and tools (eg. PRTG, Orion, Scrutinizer, Wireshark)
Scripting skills (eg, Powershell scripts, Perl, Python)
Experience and expertise with ethical hacking, firewall and intrusion detection/protection technologies
Flexible to some international travel (must maintain valid passport)