Cyber Security Engineer With Firewall / Nyc ( Onsite ), Long Term

Job Title: Cyber Security Engineer-FIREWALL
Description:
The job opening is for an experienced, hands-on senior Security Engineer/architect that will design, configure, implement, and support security controls in a growing enterprise environment. The Security Engineer responsibilities will include leading security projects involving LAN, WAN, IoT, OT, Office 365, Datacenter, Wireless, Cloud, endpoints etc.
Responsibilities:

• Architect security controls
• Expert knowledge of firewall including firewall administration and configuring security policies
• Knowledge of penetration testing
• Use red team skills to find security violations in the infrastructure
• Perform security risk assessments of applications, cloud services, and networks
• Configure security policies for IDS/IPS, WAF, DNS, Reverse and forward Web Proxy server, CASB
• Troubleshoot level 3 security related issues.
• Architect and configure cloud security controls and VMWare environment
• Utilize SEIM, Armis, Extrahop and Secureworks for threat intelligence and incidence response
• Lead the resolution of security incidents
• Working knowledge of Proxy Web Gateway
• Review and triage vulnerability alerts into manageable reports, provide relevant analysis, suggest mitigation procedures, track remediation, and identify gaps.
• Application security experience
• Lead security education and awareness activities
• Analyze the network and implement solutions to increase uptime efficiency and security
• Work with vendors to integrate security platforms into infrastructure
• Configure security policies in DNS and WAF
• Implement DLP controls
• Manage Disaster Recovery, Incident Management, and Business Continuity activities

Requirements:

• 5 years or more of Security Engineering experience in a complex enterprise environment
• Strong network security experience
• Strong knowledge of network architecture and design
• Strong project management experience
• Must be able to lead projects
• Bachelor's degree in computer science, information technology or related field.
• Should be able to utilize security frameworks like NIST and MITRE.
• Proficient in the use of security management tools to facilitate troubleshooting, e.g., Wireshark, NetBrain, Extrahop, NetWitness, CoreInsight etc.
• Experience in some of these application security related tools: Burp Suite, Fortify, Zimperium, Veracode, HCL AppScan tools
• Experience in Netwrix data classification and auditing tool
• Experience with Trellix EPO and Crowdstrike
• Experience with Skyhigh Proxy Gateway and CASB
• Experience with Menlo Security web and email isolation tool
• Configure security policies in DNS and WAF
• Knowledge of data privacy regulations and compliance issues especially related to HIPAA
• Strong understanding of network, application, and cloud security
• Knowledge of Identity and Access Management
• Experience with configuring DNS. Familiarity with Infoblox to maintain public facing DNS services as well as IPAM
• Understanding of the various VPN technologies
• Knowledge of security of wireless environment including controllers and Client.
• Knowledge of resilient designs to ensure high availability
• Knowledge of IPS/IDS design as standalone hardware or as a feature within firewalls
• Understanding of IoT and OT security
• Ability to create reports using KRI and KPI
• Experience with Next Generation Firewalls including Palo alto, Fortinet, etc.
• Coding experience is a plus
• Work with vendors, carriers, and other technical groups to implement new security controls and troubleshoot existing controls
• Any automation experience is a plus