Network Security Engineer
- Foster City, CA
Our client is one of the wolds biggest worldwide transaction provider.
Location: Austin, TX OR Foster City, CA OR Denver, CO
Duration: 12 month contract, potential extension
• Conduct manual reviews of output of firewall and other network type rules from automated tools
• Evaluate automated tools for deficiencies and policy issues
• Evaluate information sources for accuracy
• Work with multiple teams to address gaps found
• Reviews results of Network and Application Ethical Hacks in order to determine if remediation and mitigation can be performed on network access control level.
• Identify larger risks from trends across multiple reviews
• Perform all-manual reviews of small networks from Firewall controls to network segmentation/zoning
• Identify areas where additional rules can help offset potential security issues
• Provide accurate and timely reporting of findings and proposed remediation and mitigations.
• Provide technical support to Business Leader/Chief Specialist in identifying and streamlining new/existing processes and tools in the area of Network Security Assurance
• Technical support could include, but not limited to the following: (1) Audit support & remediation, (2) Process Improvement, (3) Analysis & Reporting, (4) Cross Divisional Functional education, training and awareness, (5) Function/Methodology/Strategy advancement.
• Review incoming Firewall rule requests for internal and external firewalls globally to ensure compliance against Technical Security Requirements.
• Able to communicate in an effective manner to explain violations and why violating requests are not permitted to rule requesters as necessary
• Supports Technical Security Requirements and Guidelines of new emerging technologies to be used as foundation documents in Security Risk Assessments and Ethical Hacks
• Assist Chief Security Specialist in evaluating capability of new security products that might assist the Network Security Assurance team in optimizing their respective processes.
• Requires comprehensive knowledge and mastery in assigned areas applying skills and competencies in challenging and complex situations.
• Recognized expert in the company. Only a few positions require such extensive knowledge and skill.
• Complete mastery of at least one network technology domain and solid working knowledge of at least common firewall rule types and formats.
• Exposure to and understanding of the business and its integration with technology domains.
• May be involved in design phases (security architecture input to the security architecture team) of projects.
Bachelor’s degree (or equivalent) in Computer Science, Math or a related field or 3 years of additional experience to the requirement below
• 5 Years of progressive experience with increasing responsibility in Information Technology, Information Security and Compliance that includes a combination of technical and project responsibilities
• Good interpersonal, facilitation, and demonstrated technical skills
• Able to operate at an advanced level of written and spoken communication; write and speak effectively with impact
• Experience of project planning/reporting and management concepts, methodologies, tools, standards and procedures
• Experience working on large scale cloud based services (including SaaS, PaaS, IaaS).
• Experience with enterprise level networks
• Experience working with large scale Cisco or Checkpoint based networks in a role of a systems engineer.
• Good understanding of Ethernet, switched LAN and WAN environment and detailed understanding of layer 3 and layer 4 specifications, including IP, TCP, TCP/IP routing protocols and management of ACLs. IPv6 is major plus.
• Knowledge of logical / physical access control methods, connections alternatives using private, public and wireless solutions, IDS/IPS proper placement and review, and basic scripting/automation as required
• Working knowledge/experience of at least one of the following products: AlgoSec's Firewall Analyzer, RedSeal's Network Advisor and Vulnerability Advisor, Secure Passage's FireMon, Skybox's View Assure and View Secure and/or Tufin's SecureTrack
• Working knowledge of common ports and protocols
• Ability to research and respond to incorrect assumptions, as well as identify them
• Purchasing recommendations must be approved by a supervisor
• All public speaking engagements/active participation must be approved by supervisor, legal counsel and corporate communications.
• Position is subject to same controls of employees - laptop hard drive encryption, virus scanning, analysis of outbound communications, periodic background checks.
• Position is required to operate within guidelines provided within current HR and Finance policies and procedures & Corporate Key Controls.
• Periodic functional and process related audits of individual activities
• Develop or recommend network security measures, such as firewalls, network security audits, or automated security probes
Phone: 510 790 2000-1006