Description

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Overview

We are seeking a talented and experienced Network Security Engineer to join our team. The ideal candidate will have a strong background in network security technologies, protocols, and methodologies. They will be responsible for designing, implementing, and maintaining network security measures to protect our infrastructure from cyber threats.

Responsibilities:

Network Security Infrastructure:

Spearhead the design, implementation, and upkeep of the organization's network security architecture, ensuring alignment with business imperatives and industry benchmarks.
Configure and administer Intrusion Prevention Systems (IPS), firewalls, and other security appliances to fortify the network perimeter.

Security Policy Development:

Develop and enforce robust network security policies and procedures, encompassing access control, authentication, and authorization mechanisms.
Conduct regular reviews and updates of security policies to adapt to evolving threats and technological advancements.

Vulnerability Management:

Execute swift deployment of fixes for vulnerabilities detected across network devices.

Security Incident Response:

Actively engage in incident response endeavors, encompassing the analysis of security events, orchestration of containment efforts, and facilitation of post-incident reviews.
Formulate and uphold an incident response plan to ensure a prompt and efficient response to security incidents.

Network Monitoring and Analysis:

Utilize Security Information and Event Management (SIEM) tools to monitor network traffic, identifying and responding to suspicious activities.
Analyze security logs and reports to discern patterns and trends indicative of security threats.

DDoS Mitigation Strategy:

Devise and implement DDoS mitigation strategies to shield the organization's online assets and services.
Collaborate with network architects and security teams to seamlessly integrate DDoS protection measures into the overarching security architecture.

DDoS Detection and Monitoring:

Employ advanced monitoring and detection tools to pinpoint potential DDoS attacks swiftly.
Implement real-time monitoring solutions for anomalous traffic patterns, enabling early detection of DDoS threats.

Network Security in the Cloud:

Oversee the implementation and management of security measures for cloud networks, encompassing firewalls, network access controls, and encryption.
Conduct routine security assessments and audits to pinpoint and rectify vulnerabilities.

Cloud Service Integration:

Seamlessly integrate cloud networking services such as Amazon VPC, Azure Virtual Network, or Google Cloud VPC into overarching network designs.
Collaborate with cloud service providers to leverage platform-specific networking features.

Security Awareness and Training:

Develop and deliver comprehensive security awareness programs for employees, educating them on security policies, best practices, and cybersecurity's significance.
Provide ongoing training to IT staff on emerging threats and security technologies.

Compliance and Auditing:

Ensure compliance with industry regulations and standards such as CIS or NIST.
Prepare for and actively participate in both internal and external security audits, addressing findings and implementing corrective actions.

Network Access Control:

Implement and manage network access controls, including VPNs, secure remote access solutions, and multi-factor authentication.
Vigilantly monitor user activity to swiftly detect and respond to unauthorized access attempts.

Security Documentation:

Maintain meticulous documentation of network security configurations, procedures, and incidents.
Continually create and update documentation for security policies, guidelines, and standard operating procedures.

Collaboration and Communication:

Collaborate seamlessly with IT teams, system administrators, and other departments to ensure a unified and integrated approach to security.
Communicate technical security issues effectively with non-technical stakeholders, translating them into comprehensible business risk language.

Skills:

Proficiency in firewall and intrusion detection/prevention system administration, such as PaloAlto & Cisco FTD.
Hands-on experience in deploying virtual firewalls like Cisco/PaloAlto/Fortigate or similar on cloud platforms.
Familiarity with DDoS mitigation tools and services like Cloudflare or Akamai.
Knowledge of EASM tools like BitSight, SecurityScorecard, or equivalents.
Expertise in monitoring web security gateways, perimeter security, network access controls, and endpoint security.
Proficient in SIEM tools like Splunk, Elastic, or similar.
Understanding of cloud networking concepts and services.
Familiarity with cloud-native networking tools and platforms like Prisma, Orca Security, or equivalents.
Proven ability in maintaining and implementing SOPs for network security.
Experience in investigating security breach alerts.
Knowledge of network security protocols, routing, and switching.
Strong problem-solving and analytical skills.
Excellent communication and interpersonal abilities.
Capability to work collaboratively in a team as well as independently.

Qualifications: