Network Security Engineer

RESPONSIBILITIES

• Configure and implement network & security solutions for GHS clients
• Working with key Support and Technology vendors, define Enterprise Hardware & Software standards for LAN / WAN infrastructure technologies and Firewalls, Web Content Filters, IPS, VPN, etc
• Perform infrastructure Configure and implement network & security solutions for Glasshouse Systems clients
• Working w maintenance and upgrades to client environments
• Provide technical guidance and recommendations for client-driven initiatives and strategies
• Perform technical assessments using industry standard toolsets for network, and security architectures
• Creating standardized operating procedures and assisting with post implementation support after successful delivery of the new solution
• Documenting and maintaining network diagrams and configuration changes
• Install, configure, and manage firewalls (Palo alto, Cisco Firepower)
• Maintain security solutions, including firewall policies and VPN configurations, performing security administration functions for user access and remote access
• Establish and troubleshoot IPSEC tunnels with customers.
• Manage and monitor the intrusion prevention system
• Perform problem determination and root cause analysis, effectively working with vendors and carriers as required
• Provide technical support to internal and external clients, including problem determination, resolution, and escalation as needed
• Participate in the on-call rotation and be able to respond to critical or high severity alerts after hours and follow documented steps to address such issues
• Participate with on demand after hours change implementation for new initiatives and or in support of incident management
• REQUIREMENTS
• Bachelor’s degree in computer networking or computer science is preferred
• Certifications - PCNSE, CCNP
• Minimum 5+ years of working in a Network, with high level experience with Firewall environments, IDS/IPS, SD-WAN, VPN, Firewalls, etc
• Experience with technologies such as: Cisco / Fortinet / Palo alto (Palo Alto Threat Protection, Cisco Firepower Threat defense, IPS/IDS, HSRP/VRRP, VRF, VPC, VC, LACP, Fabric Path etc)
• Extensive support of Routing Protocols/Technologies such BGP, OSPF, MPLS VPN, Multicast
• Ability to perform TCP/IP Network traces/packet captures with solid experience interpreting results
• Ability to analyze packet captures using Wireshark and other related technologies
• Perform or participate in complex maintenance or deployment activities
• Develops and maintains standard operating procedure manual and processes used by the team
• Experience with Palo Alto firewalls, App-ID, user-ID, content-ID and Global Protect
• In-depth understanding on IPsec VPNs, Global Protect VPNs, Security Profiles, Firewall implementation
• Broad knowledge of security & network solutions, security monitoring, event analysis, threat hunting and countermeasures
• Experience in BGP/OSPF and EIGRP routing protocol design, configuration, and troubleshooting
• Experience of working in a multi-cultural, virtual team, across multiple geographical regions
• Some travel is required for this position

Nice to have

• Experience in IT and Data Centre infrastructure strategies, solutions, and concepts
• Knowledge of Virtualization techniques (VMWare, Hyper-V)
• Experience applying ITIL best practices is an asset
• Experience in ITSM ticketing tool – Service Now

PERSONAL ATTRIBUTES

• Excellent verbal and written communications skills
• In addition to network and security expertise, we expect the engineer to have a
• Strong team player and enjoys working in a fast-paced team atmosphere
• Ability to manage priorities, commitments and projects
• Must be able to grasp highly technical concepts quickly
• Passionate about cybersecurity concepts and technologies