Network Security Engineer - NYC

Responsibilities:

• Routing protocols EIGRP, OSPF, and BGP; configuring, troubleshooting, typical show commands to research issues.
• Racking and stacking Cisco 2900, 3700, 3600, 3800, 4500, 6500 series switches.
• Upgrading firmware on Cisco switches.
• Engage with Engineering, Medical, PCI Compliance and application development teams to determine segmentation requirements.
• Engage with vendors to determine segmentation requirements for their products.
• Troubleshooting of any issues that occur because of segmentation.
• Broker after hours outage time with stakeholders for network segmentation changes.
• Site surveys of systems/devices that will be segmented.
• Handle escalated tickets regarding segmentation and network visibility.
• Onsite support for afterhours segmentation changes.
• Troubleshoot integration issues with other systems.
• Troubleshoot communication issues between the overlay and underlay of our network segmentation solution.
• Collaborate with rest of network department to ensure their systems remain stable as we add security measures.
• Support Radiology doctors with their remote access devices. Configure new devices onsite for new doctors.
• Participate in Change control process and peer reviews.
• Tools for upgrading firmware on Cisco switches; TFTP and FTP server, thumb drive.
• Configuration of Cisco switches in command line via console and SSH.
• Working knowledge of Cisco Catalyst linecards; multi-gig copper and fiber cards, supervisors.
• Deep understanding of Layer 1 concepts, configuration, and troubleshooting;
• Working knowledge of Power over Ethernet; verification of power being provided to devices, PoE power budget on a switch.
• Deep understanding of Layer 2 concepts, configuration, and troubleshooting; spanning tree, root bridge, BPDU, designated ports, root ports, trunk and access ports, rapid spanning tree, ieee, MST, VLAN, Layer 2 extension, CDP, LLDP, MAC address, CAM and TCAM table, DHCP snooping.
• Deep understanding of Layer 3 concepts, configuration, and troubleshooting;
• Deep understanding of Layer 4 concepts, configuration, and troubleshooting;
• Deep understanding of Layer 7 concepts, configuration, and troubleshooting;
• Deep understanding of first-hop redundancy protocols; HSRP, GLBP, VRRP.
• Deep understanding of IPv4 addressing, variable length subnet masks, summarization.
• Fiber plant management; installing fiber patch cords, troubleshooting link issues, working knowledge of multi-mode and single-mode fiber cabling.
• Copper plant management; installing CAT5/5e/6 patch cords, 568A/B termination, knowledge of straight through, cross-over, rollover cabling, usage of a tone generator and tracing copper cabling from Location A to Location Z.
• Working knowledge of Cisco fiber transceiver types; SFP, SFP28, QSFP; and wavelength types; 850nm, 1310nm, SX, LX, SR, LR, LR4, 1-gig, 10-gig, 25-gig, 100-gig.

Skills & Experience:

• 5+ years' experience in network engineering
• Bachelor's degree
• CCNA, A + and Network + certification is strongly recommended
• In-depth knowledge of Networking and Security.
• Knowledge of Security best practices.
• Experience working with Firewalls, Routers, Switches, Access points and Voice over IP phones.
• Excellent communication skills will need to converse with various technical and non-technical teams.
• Flexibility to work after hours on changes.
• Experience with network segmentation and Zero-trust architecture is a plus.
• Experience with a SASE solution is a plus.
• Worked in a hospital setting before is a plus.

Company Overview