The Senior Security Engineer position requires the ability to actively contribute to the implementation, operations and support of enterprise security solutions in a global multi data center environment.
Primary responsibilities include supporting the operational security function within ETG to develop, maintain and advance the security posture of the company in order to adequately protect assets. Responsibilities include managing and enhancing the effectiveness of current security tools and applications including firewall infrastructure, web content filtering technologies, VPN/network gateway infrastructure, security SSL certificates, application and database firewalls, proxy / content gateway servers and supporting PCI and other internal or external audit processes for the enterprise.
Supporting the implementation of corporate security policies, programs, and procedures to protect information systems assets from intentional or inadvertent modification, disclosure or destruction. The ideal candidate will have experience and direct knowledge of managing security infrastructure in large complex global multi-data center environments.
Essential Job Responsibilities:
1. Maintain operational guidelines and processes to directly support security architecture and design.
2. Support existing security solutions and partner with the security engineering team for the implementation and integration of any new enhancements made to existing security solutions in support of improving overall enterprise security.
3. Ensure security tools and solutions hardware/software/devices are operating effectively and updated in a timely manner.
4. Develop and maintain operating guidelines and procedures in support of policies, standards and guidelines.
5. Determine appropriate levels of security configuration, controls and monitoring.
6. Support the maintenance and deployment of new security solutions in multiple data centers.
7. Support incident management processes and security monitoring alerts in preventing internal / external hackers from compromising data and assets.
8. Understand the latest threat techniques and support appropriate countermeasures, configurations and awareness.
9. Support remote access and multi-factor technologies to internal/external users.
10. Overall central management of web filtering and internet proxy servers.
11. Work with peers and internal/external customers to support the enterprise approach to security.
12. Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise networks.
13. Perform ticket queue monitoring, resolution and prioritization, maintain diagrams and documentation as appropriate and support firewall rule set reviews, auditing and maintenance activities
The above statements are intended only to describe the general nature of the job, and should not be construed as an all-inclusive list of position responsibilities.
Required Qualifications: Education:
- Bachelor of Science in Information Technology, Management Information Systems or Risk Management OR High School Diploma with 8+ years relevant work experience.
Job Related Experience:
- 7+ years relevant technical experience preferred. Need excellent written, oral and interpersonal communication skills.
- At least 3+ years experience working in a progressive information security operations or engineering group.
- 3+ years experience in a large complex Checkpoint environment (complex financial environment preferred)
- 3+ years experience in a large complex Palo Alto environment
- Proven hands-on experience with firewalls and knowledge of IP networking and network security including Intrusion Detection, DMZ, encryption, IPSec, PKI, VPNs, MPLS/VPN, Site to Site VPN tunnels, SSL/VPN, proxy services, and DNS
- Crossbeam experience
- Cisco ASA experience / Juniper Firewall experience
- Exposure to Intel SOA XML gateways or Reactivity
- Imperva DBF or WAF exposure
- Network routing, switching, packet analysis
- PCI DSS compliance knowledge
- Prior experience with network security & related applications, tools and solutions
- Deep understanding of network routing and switching architecture, design and troubleshooting
- Experience supporting 24x7x365 high availability solutions in large complex data center environments
- Exceptional planning, organization, communication, presentation, multi-tasking, prioritization and business analysis skills. Ability to work independently in addition to working closely in a team environment.
- Needs strong ability to multi-task and work effectively in a distributed and matrix oriented environment
- Technical product training and certifications, network hardware and application security training and/or certifications: CCNA, CCSA, CISSP, Security+, Network+
- Checkpoint VSX and Provider 1 experience, CCSA preferred.
- CISSP certification preferred
- Qualys experience desired
- Tripwire / Symantec CSP experience desired