Network Security Engineer (Cisco/ Fortinet/Palo Alto firewalls)

New Millenium Consulting LLC
Weehawken Township, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Weehawken Township, United States of America

Tech stack

Proxy Servers
Application Layers
User Authentication
Border Gateway Protocol
Computer Security
DNS
Virtual Private Networks (VPN)
OSI Models
Python
Network Security
Overlay Transport Virtualization
Powershell
Remote Access Technology
Ansible
Zero Trust Network Access
Web Application Security
Security Information and Event Management
Wide Area Networks
Scripting (Bash/Python/Go/Ruby)
Network Access Control
Load Balancing
Computer Network Technologies
Firewalls (Computer Science)
Information Technology
Palo Alto Networks
Centreon
Fortinet
Firepower
Splunk
Cisco networks
Qualys
Vulnerability Analysis
VMware

Job description

Infrastructure Oversight: Lead the design and administration of network security infrastructure, focusing on critical components including DNS, F5 Load Balancers, Fortinet and Palo Alto firewalls, VPNs, proxies, Remote Access and DMZ connectivity.

Technology Initiatives: Drive technology projects aimed at enhancing cybersecurity and improving network performance in alignment with organizational goals.

Continuous Monitoring: Ensure optimal network performance through continuous monitoring, dashboard creation, promptly addressing any security incidents.

Documentation Management: Maintain comprehensive documentation, including network security asset inventories, diagrams, procedures and vendor contacts, to support operational efficiency and facilitate effective communication.

Cross-Department Collaboration: Collaborate with infrastructure teams to resolve network-related challenges and ensure seamless operations across departments.

Audit and Security Coordination: Work closely with audit and IT Security teams to provide necessary documentation and implement remediation plans as required.

Staff Mentorship and Training: Mentor and train junior engineering staff, fostering a culture of growth and skill development within the network team.

Vulnerability Assessments: Conduct vulnerability assessments and manage patching processes to effectively mitigate and report security risks across the AMER region.

Security Reporting: Develop and deliver regular security reports to Leadership, highlighting key metrics, incidents, and trends to inform strategic decision-making.

LOD1 Security Management: Manage Line of Defense 1 (LOD1) network security controls and request as specified by the IT Risk Department.

Strategy Alignment: Coordinate with AMER and Head Office IT Security teams to assure alignment on security strategies and policies.

Requirements

Must have: Cisco Firepower, Fortinet and Palo Alto firewalls

A global bank is seeking a Network Security Engineer to join their New York office. The Network Security Engineer must have hands-on experience in network security management. Lead the design and administration of network security infrastructure, focusing on critical components including DNS, F5 Load Balancers, Fortinet and Palo Alto firewalls, VPNs, proxies, Remote Access and DMZ connectivity. Network Security Engineer must bring extensive experience managing Cisco Firepower, Fortinet and Palo Alto firewalls, including DMZ design implementation., Tool Proficiency: Profiecent knowledge of security tools such as SIEM, Splunk, Centreon and Qualys for effective monitoring and incident response., * Extensive understanding of network technologies - L2, L3, VXLAN, BGP, LAN/WAN/VPN

  • Extensive understanding of security technologies such as firewall, load balancing, proxy, authentication methods
  • Strong knowledge of DNS/DHCPWSG (Web Security Gateways), Proxy-pac scripting
  • Troubleshooting knowledge of network and security systems with minimal guidance is required.
  • OSI Layer 4 and Layer 7 protocol analysis and troubleshooting experience is required.
  • Ideal candidate must have a strong understanding of Zero Trust Architecture and Network Access Control design for enterprise network infrastructure design, and troubleshooting.
  • Among these technologies, knowledge of Arista and Cisco design, configuration and automation is a definite plus
  • Knowledge of scripting languages such as Python, PowerShell, or Ansible.
  • Knowledge of Ansible Scripting is a plus
  • Knowledge of micro segmentation tools such as Illumio or VM Ware NSX is a plus

Education:

Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field; Master's preferred.

8+ years of hands-on experience in network security management, preferably within the financial services industry.

Extensive experience managing Cisco Firepower, Fortinet and Palo Alto firewalls, including DMZ design implementation.

Relevant certifications such as Fortinet NSE 4/5, Palo Alto Networks Certified Network Security Engineer (PCNSE), Cisco CCNP Enterprise and CCNP Security is a plus. Highly desirable CISSP, CISM

Apply for this position