Network Security Engineer

Responsible for supporting and monitoring clients network security infrastructure. The candidate will be responsible for validating attacks against clients networks and assessing the impact. If any countermeasures are required, the candidate is responsible for making the appropriate recommendation and in some cases, implementing the resolution. Candidate will utilize a variety of network analysis tools, device management platforms and security information event management (SIEM) systems.

- Build, design and support Network Based Security infrastructure to provide security on mobile devices, laptops, smartphones and mobile handsets
- Primary responsibility is to provide network security customer support in a shared environment supporting multiple customers
- Responsible for general architecture, initial configurations and subsequent management of one or more SIEM systems
- Provide 7x24 production support to accept, operate, and maintain security elements
- Identify security incidents, provide supporting information to clients, and support the client through containment and remediation during setup and initial phases of project
- Troubleshoot end to end network and application connectivity.
- Manage authentication, authorization, and accounting
- Perform intermediary connectivity provisioning, application and network troubleshooting, policy audits, and preventive maintenance on network security elements
- Conduct network risk assessments on all work performed.
- Monitor security events and conduct regular reviews of log files, platforms, products and services
- Conduct daily, weekly, and monthly proactive maintenance activities per SecOps Management directives
- Candidate will provide security analysis, notification and reporting for clients.
- Candidate will conduct in-depth analysis based on IP information, protocol headers, data payloads, log data, alert trends and correlated event data.
- Candidate will identify security incidents, provide supporting information to clients, and support the client through containment and remediation.
- Candidate will differentiate valid alerts from false positives, update device policy, establish filters, and install updates.
- Ultimately responsible for defining, tracking and maintaining the standard baselines and configuration sets of all managed and/or monitored security devices and implementing industry best practices with regards to anomaly detection and network configurations.
- Candidate must also spend a proportion of his/her time keeping up with current vulnerabilities, attacks and appropriate countermeasures.
- May interface with other stakeholders including vendors, application development and technical support staff.

EDUCATION

- B.A. in tech field or equivalent combination of education, trainingFirewall Knowledge; Routing/Switching; Windows/Linux/Unix security configurations
- This is a 24x7 Managed Security Service Provider (MSSP) environment, so candidates should be prepared to work a 2nd, 3rd or weekend shift if 1st shift spots are unavailable.
- This is a client-facing position requiring strong communications and customer support skills.
- Minimum 4 years Network Security experience.
- Must have demonstrated success in managing, analysing and solving complex network technical issues.
- Must have experience with log analysis.
- SIEM platform experience desired but not required.
- Must be proficient in one or more industry IDS/IPS technologies such as Cisco IPS, Enterasys Dragon IDS/IPS, Fortinet IPS, Juniper IDP, McAfee IPS, Snort IDS, Sourcefire IPS and/or TippingPoint IPS.
- Experience with anomaly detection systems or netflow analysis desired but not required. Examples include Arbor Peakflow and Lancope Stealthwatch.
- Must have a solid understanding of network attacks and exploits, including detection and various categories/types of attacks.
- System administration or network administration experience desired but not required.
- Experience with Scripting or programming desired but not required.