NETWORK ENGINEER
NOTE: CCNA and CISSP Certification are required.
Summary:
This position reports to the Security Risk Compliance Office Manager, Information Technology Office. The Senior Network Engineer is a key member of the Network Operations team. Incumbent will have advanced knowledge and hands-on experience in deployment and management of routers, switches, firewalls and can proactively troubleshoot organization’s complex Network Infrastructure. Experience with Check Point NGX, IPS/IDS, Rapid7 Nexpose, SolarWinds is essential.
Responsibilities
- Management of Layer 2 and 3 protocols including routers and switches. Focus on sustaining the necessary data throughput rate by monitoring network activity to mitigate performance problems.
- Proactively monitor and troubleshoot connectivity for the FTE’s Network Infrastructure including campus, roadside, backbone, LAN, Walk-in Centers, partner networks and third-party connectivity.
- Review FTE’s network architecture and design including failover capabilities and recommend changes to optimize performance and reliability.
- Ensure that network segmentations are adequately designed to protect sensitive environments including PCI, Financial, and customer data.
- Leverage SolarWinds to create dashboards to proactively monitor entire Network Infrastructure and proactively troubleshoot performance, connectivity including management reporting dashboards.
- Ensure that all network infrastructure routers, switches, firewalls are shipping log to SIEM by reviewing SIEM logs.
- Proactively monitor and deploy patches and updates to all network infrastructure routers, switches, firewalls, and other supporting equipment.
- Participate and support Network and Security Operations team in designing Cloud architecture. This includes capacity, failover, stability, and security design.
- Perform vulnerability scans for network infrastructure to ensure perimeter, network segments including databases, applications, and server environments are adequately protected.
- Maintain accurate inventory controls supporting FTE’s network infrastructure.
- Develop and maintain network infrastructure diagrams and depict any changes along with associated documentation including change control approvals.
- Assist the SRCO team with investigation, triage forensic analysis, and evidence preservation regarding cybersecurity events.
- Assist with threat intelligence and hunting by leveraging in place security tools.
- Ensure compliance with established standards, polices, configuration guidelines established by SRCO and Industry best practices such as NIST.
Experience:
- Must have 8-10 years of hands-on experience with:
- Layer 2/3 routing protocols including troubleshooting complex issues
- Deployment and management of routers, switches troubleshooting.
- Private, Public, and Hybrid Cloud Infrastructures such as AWS, Azure platforms
- Must have 5 to 7 years’ experience with Unix (RedHat), Windows, VMWare, and other platforms
- 2 to 3 years working experience with vulnerability scanning tool (Rapid7 Nexpose)
Certification:
- CISSP (Certified Information Systems Security Professional--REQUIRED)
- Cisco Certified Network Associate (CCNA--REQUIRED)
- Cisco Certified Design Associate (CCDA – Preferred)
- Cisco Certified Internetwork Expert (CCIE – preferred)