It Specialist – Information Security

• 
  Network Security Design and Implementation: Design and deploy Secure network architectures (Secure SD-WAN, Hybrid ZTA, and perimeter-based Architecture) and solutions using Cisco security technologies, such as firewalls, VPNs (Virtual Private Networks), intrusion prevention systems (IPS), and access control lists (ACLs). Cisco Umbrella and Cisco CES (Cloud Email Security).
• Firewall Monitoring and Troubleshooting: Monitor firewall logs and security events to detect anomalies, unauthorized access attempts, and potential security breaches. Perform regular firewall health checks, troubleshooting, and incident investigation to maintain optimal firewall performance and security posture.
• VPN Configuration and Management: Implement and manage Cisco VPN and Secure SD-WAN solutions, such as site-to-site VPNs and remote access VPNs, to ensure secure communication between geographically distributed networks and remote users.
• Intrusion Prevention and Detection: Deploy and manage Cisco IPS (Intrusion Prevention System) solutions to detect and prevent network-based attacks. Monitor and analyze security events and alerts to identify and respond to potential threats.
• Access Control and Authentication: Configure and manage access control mechanisms, such as Cisco ACS (Access Control Server), Cisco ISE (Identity Services Engine), Cisco Umbrella, and Cisco CES, CASB, DLP, Cisco DUO, AAA protocol to ensure secure user authentication, authorization, and accounting across network and email systems.
• Encryption Key Management: Develop and maintain encryption key management processes and procedures. Establish secure key generation, storage, distribution, rotation, and destruction practices.
• Network Security Monitoring and Assurance: Monitor network traffic and security logs using security monitoring tools; such as SIEM and, SOAR, Cisco Umbrella to identify and investigate potential security breaches or anomalies and remediation.
• Vulnerability Management: Conduct regular vulnerability assessments using third-party solutions. Analyze assessment results and collaborate with system administrators and stakeholders to remediate identified vulnerabilities.
• Security Audits and Compliance: Ensure compliance with industry standards and regulations, such as NIST CSF, SP 800-53, ISO 27001, CIS Controls, GDPR, etc.
• Documentation and Reporting: Document and maintain accurate and up-to-date documentation of network security configurations, policies, and procedures. Prepare regular reports on network security status, incidents, and recommendations for management.

Professional Skills:

• Strong verbal and written communication skills.
• Substantial documentation and network drawing skills.
• Ability to work well in a team environment and complete projects as assigned.
• Ability to influence others without direct supervisory responsibilities.
• Make recommendations regarding known or learned best practices.
• The ability to take initiative and solve problems.

• Extensive experience configuring, managing, and troubleshooting firewall solutions in complex network environments.
• Proficient in network troubleshooting and packet analysis using tools such as Wireshark or tcpdump.
• 3-5 years of experience designing, hardening, implementing, and managing network security solutions using Cisco and 3rd-party technologies.
• 2-3 years of proven experience with Cisco security products, including MX appliances, VPN functionality, and access control features.
• Strong knowledge of encryption algorithms, cryptographic protocols, and key management principles.
• Familiarity with encryption technologies, such as cryptographic libraries, HSMs, and secure key management systems.
• Understanding of encryption protocols and standards, including TLS/SSL, PGP, and AES.
• Proficient in vulnerability assessment and remediation methodologies specific to Cisco and VMWare deployments.
• Expert in network protocols, routing, and switching concepts.
• Excellent analytical and problem-solving skills, with the ability to assess and resolve complex firewall-related issues.
• Familiarity with industry security standards and compliance requirements.
• Strong analytical and problem-solving skills, with attention to detail.
• Excellent communication and collaboration skills to work effectively with cross-functional teams.
• Experience in creating network drawings and documentation using tools such as Visio, etc

• A minimum of one certification of CCNP Security, CASP+, and SSCP certification is required. CCNP Security is preferred.
• Bachelor’s degree in Computer Science, Cybersecurity, or a related field is preferred.

Note: The job responsibilities may vary depending on the organization's specific needs. The field of cybersecurity is constantly evolving, and it's essential to stay updated with the latest trends, technologies, and threats.