Senior Network Security Engineer
|Our client makes games â how cool is that? In fact, they entertain millions of people across the globe with the most amazing and immersive interactive software in the industry. But making games is hard work. Thatâs why they employ the most creative, passionate people in the industry.
The Challenge Ahead:
The Network Security Engineer will be part of a team responsible for delivering corporate network and security services for datacenter and branch offices in a mission-critical enterprise environment. The role will encompass network design, delivery, engineering, performance management, capacity planning and forecasting for all network elements including firewalls and load-balancers.
The role requires extensive knowledge and ownership throughout the full lifecycle of the network (PPDIOO).
In addition, the position will be involved in research and development activities and work with Network Architects to develop solutions to complex network engineering problems.
â¢ Gathering, budgeting, ordering, planning, assessing and mitigating risks, consistent configuration and deployment of network services, with ownership of the delivery process for the entire product/service lifecycle.
â¢ Be the technical subject matter expert and administer and maintain advanced security architecture and posture including management and accountability for firewalls, load balancers, authorization
â¢ Provide excellent customer service to internal and external clients, including response to escalations, proactively notifying customers of network issues, assessing and communicating business impact.
â¢ Track, report, and proactively address network capacity issues based on business forecasts.
â¢ Configure and utilize a variety of network management tools.
â¢ Find and implement new technologies that simplify the network environment while improving security and performance.
â¢ Develop, manage and execute controls in support of the company's compliance landscape (SOX, SAS70, PCI)
â¢ Follow IT change control best practices for predictable results.
â¢ Analyze and recommend contemporary and emerging technologies for deployment across the enterprise.
â¢ Network capacity planning, performance tuning and troubleshooting.
â¢ Create and maintain up to date documentation of the network environment detailing configuration of deployed solutions.
â¢ Fast isolation and resolution of network routing, switching, security, load balancing, wan optimization, shaping and quality of service issues.
â¢ Provide design engineering Level 4 support for the corporate network & mentor Level 2 and 3 Network team members.
â¢ Participate in 24x7 on-call support on a rotation basis (average 1 weekend per month)
â¢ Drive the continual evolution and support of the disaster recovery plan for consistency between sites.
â¢ Demonstrate good judgment in solving problems as well as identifying problems in advance, and proposing solutions.
Desired Security experience:
â¢ Good working knowledge of Cisco and Palo Alto next generation firewall platforms and advanced features
â¢ Good working knowledge of Application filtering, Web Security, Identity Awareness, and Security Zoning
â¢ Advanced experience with Next-Gen firewalls (Checkpoint, Palo Alto, Cisco) and Threat Prevention (IPS)
â¢ Familiarity with virtual firewalls and load balancing best practices.
Required skills and experience:
â¢ Five years solid experience in design, provisioning and troubleshooting of LAN/WAN. Hands-on experience with routers, switches, firewalls, and VPNs.
â¢ Must be familiar with configuring and design of routing and switching solutions including, but not limited to, ACLs, VLANs, VRFs, Port Security
â¢ Advanced Routing Principles of Operation, Configuration and Troubleshooting including, but not limited to OSI Reference model and IETF TCP/IP suite, Unicast, Broadcast, Multicast communications, Process and Fast Switching, Cisco Express Forwarding, IP Addressing Management IPv4/IPv6, VLSM, CIDR, Static Routing, EGP and IGP, Route Redistribution, Route Filtering, Policy Based Routing (PBR), NAT, PAT, HSRP, GLBP, VRRP, VRF-lite.
â¢ Traffic Management Principles, Configuration and Troubleshooting including but not limited to Traffic Performance Metrics, Throughput, Delay, Jitter, Bandwidth, Packet Loss, Congestion Management.
â¢ Solid practical working knowledge of Transmission Control Protocol and troubleshooting wide-area network issues related to TCP Bandwidth Delay Product.
â¢ Solid understanding of OSPF and BGP routing protocols for routed protocols IPv4/IPv6.
â¢ Very good understanding of the datacenter and branch office model architectures
â¢ Good understanding of the network and firewall platforms architecture.
â¢ Very good knowledge of Cisco routing, switching, and VPN (S2S/GRE/IPSEC/DMVPN/AnyConnect SSL VPN).
â¢ Intermediate knowledge and practice of IPv4 to IPv6 transitioning.
â¢ Good knowledge of Cisco VPNs including remote access platforms.
â¢ Good knowledge of Juniper routing and security.
â¢ Good knowledge of Cisco ACS/ISE for AAA services.
â¢ Good knowledge of Active Directory and DNS services.
â¢ Minimum CCNP or equivalent with CISSP or CCIE level security specialization preferred.
â¢ Excellent writing and communication skills.
â¢ Actively involved, organized, reliable and accountable.
â¢ Ability and desire to learn and grow independently as well as in a team.
â¢ Multitasking ability to manage time well and meet multiple deadlines in a hectic environment.
â¢ Very good documentation skills.
â¢ Team player, able to collaborate in global team environment and working in a production, 24x7 mission critical environment
Whatâs in it for you? Glad you asked!
We love to brag about their great perks like comprehensive health and benefit packages, tuition reimbursement and, of course, free video games. And since they realize it takes world-class people to make world-class games, they offer competitive compensation packages and a culture that thrives off of creativity and individuality. They live the âwork hard/play hardâ credo every day.