Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!
Overview
We are seeking a talented and experienced Network Security Engineer to join our team. The ideal candidate will have a strong background in network security technologies, protocols, and methodologies. They will be responsible for designing, implementing, and maintaining network security measures to protect our infrastructure from cyber threats.
Responsibilities:
Network Security Infrastructure:
- Spearhead the design, implementation, and upkeep of the organization's network security architecture, ensuring alignment with business imperatives and industry benchmarks.
- Configure and administer Intrusion Prevention Systems (IPS), firewalls, and other security appliances to fortify the network perimeter.
Security Policy Development:
- Develop and enforce robust network security policies and procedures, encompassing access control, authentication, and authorization mechanisms.
- Conduct regular reviews and updates of security policies to adapt to evolving threats and technological advancements.
Vulnerability Management:
- Execute swift deployment of fixes for vulnerabilities detected across network devices.
Security Incident Response:
- Actively engage in incident response endeavors, encompassing the analysis of security events, orchestration of containment efforts, and facilitation of post-incident reviews.
- Formulate and uphold an incident response plan to ensure a prompt and efficient response to security incidents.
Network Monitoring and Analysis:
- Utilize Security Information and Event Management (SIEM) tools to monitor network traffic, identifying and responding to suspicious activities.
- Analyze security logs and reports to discern patterns and trends indicative of security threats.
DDoS Mitigation Strategy:
- Devise and implement DDoS mitigation strategies to shield the organization's online assets and services.
- Collaborate with network architects and security teams to seamlessly integrate DDoS protection measures into the overarching security architecture.
DDoS Detection and Monitoring:
- Employ advanced monitoring and detection tools to pinpoint potential DDoS attacks swiftly.
- Implement real-time monitoring solutions for anomalous traffic patterns, enabling early detection of DDoS threats.
Network Security in the Cloud:
- Oversee the implementation and management of security measures for cloud networks, encompassing firewalls, network access controls, and encryption.
- Conduct routine security assessments and audits to pinpoint and rectify vulnerabilities.
Cloud Service Integration:
- Seamlessly integrate cloud networking services such as Amazon VPC, Azure Virtual Network, or Google Cloud VPC into overarching network designs.
- Collaborate with cloud service providers to leverage platform-specific networking features.
Security Awareness and Training:
- Develop and deliver comprehensive security awareness programs for employees, educating them on security policies, best practices, and cybersecurity's significance.
- Provide ongoing training to IT staff on emerging threats and security technologies.
Compliance and Auditing:
- Ensure compliance with industry regulations and standards such as CIS or NIST.
- Prepare for and actively participate in both internal and external security audits, addressing findings and implementing corrective actions.
Network Access Control:
- Implement and manage network access controls, including VPNs, secure remote access solutions, and multi-factor authentication.
- Vigilantly monitor user activity to swiftly detect and respond to unauthorized access attempts.
Security Documentation:
- Maintain meticulous documentation of network security configurations, procedures, and incidents.
- Continually create and update documentation for security policies, guidelines, and standard operating procedures.
Collaboration and Communication:
- Collaborate seamlessly with IT teams, system administrators, and other departments to ensure a unified and integrated approach to security.
- Communicate technical security issues effectively with non-technical stakeholders, translating them into comprehensible business risk language.
Skills:
- Proficiency in firewall and intrusion detection/prevention system administration, such as PaloAlto & Cisco FTD.
- Hands-on experience in deploying virtual firewalls like Cisco/PaloAlto/Fortigate or similar on cloud platforms.
- Familiarity with DDoS mitigation tools and services like Cloudflare or Akamai.
- Knowledge of EASM tools like BitSight, SecurityScorecard, or equivalents.
- Expertise in monitoring web security gateways, perimeter security, network access controls, and endpoint security.
- Proficient in SIEM tools like Splunk, Elastic, or similar.
- Understanding of cloud networking concepts and services.
- Familiarity with cloud-native networking tools and platforms like Prisma, Orca Security, or equivalents.
- Proven ability in maintaining and implementing SOPs for network security.
- Experience in investigating security breach alerts.
- Knowledge of network security protocols, routing, and switching.
- Strong problem-solving and analytical skills.
- Excellent communication and interpersonal abilities.
- Capability to work collaboratively in a team as well as independently.
Qualifications:
- Bachelor's degree in Cybersecurity, Information Technology, or a related field.
- Relevant certifications such as CCNA Security, CEH, or equivalent.
- Typically, 3-5 years of experience in network security roles.
- Experience with security assessment tools and methodologies.
- Familiarity with cloud security principles is advantageous.