Pay Range: $55-$60
Job Description
Your Impact:
Design, implement and provide support for all network-related hardware/software
Ensure system uptime and backup for network-related equipment
Work with the team on establishing network design principles, practices, implementations, documentation and LAN/WAN maintenance
Conduct security assessments (with security team) and make recommendations on data/voice network (LAN, WLAN, WAN, DMZ, Internet), disaster recovery, remote access, network appliances, servers, and directory services security
Conduct incident triage and response, including working with firewall and device logs, investigating security events, protecting forensic value of data and establishing monitoring and incident reporting and response procedures
Using your coding expertise in Ansible/Python, automate firewall policy management
Work on establishing consistent metrics and collection methods for device log aggregation and review procedures
Assist with defining the objectives of network implementations including developing and reviewing proposals and presentations
Oversee security of hosted services and applications including security requirements and architecture, risk analysis, and periodic change reviews
Work closely with engineering to help report issues and lead project deliverables and provide status and progress reports
Provide comprehensive and timely support to all SOX and internal audit issues as they relate to Security Operations including analyzing data privacy requirements and implementing business process and IT controls
Qualifications
BE/B.tech Engineering degree
10+years of relevant work experience with exposure in product organizations
Knowledge and extensive experience of Python Scripting and Ansible for Network automation and analytics
Experience with automation/scripting/coding preferable in Python
Exposure to Public Cloud Platforms - GCP (Google cloud) OR AWS OR Azure
Experienced understanding of networking and routing protocols such as, TCP/IP, BGP4 (multi-homing), OSPF (multi-area), RIP, ISIS, etc.
Working knowledge in the operation of Ethernet LAN switching protocols and standards including, VLANs, VLAN aggregation, EtherChannel, PVLANs, Spanning Tree & Rapid Spanning Tree, 802.1Q
Extensive background in planning and crafting projects and analyzing existing network systems and procedures for efficiency and effectiveness
Experience with Load Balancers, F5 preferred, AVI Load balancer and NGINX
1e, and CAT and fiber cable distribution systems
Expert knowledge of data center design, build-out, and standard methodologies
Experienced in designing and implementing Business Continuity Plans and Disaster Recovery Plans and facilities
Experience performing configuration and troubleshooting of Cisco & Arista routing/switching platforms
Expert knowledge of firewalls technologies, including VPNs and routing
Experience with multi-tier architectures, including standard methodologies around tier isolation (for databases, etc)
Ability to analyze network packet traces (PCAP)
Deep understanding of network security systems, intrusion detection systems and protocols including, ACE, Client, VPN, GRE, IPSEC, IKE, TACACS, RADIUS, ACLs, 802.1x, audits, log files, etc.
Advanced knowledge of DNS and DHCP and Microsoft AD infrastructure
Strong analytical skills for interpreting business requirements and translating them into technical specifications
Superb communication skills, including the ability to write network and security documentation, policies, and guidelines
Ability to work nights and weekends and provide 24/7 on-call support
Well-versed in commercial InfoSec requirements, mentorship and standards
Preferred certifications CCIE/ CCSP/CCDP,
Additional certifications desired CISSP, CISM, CISA, SANS, ISO 17799 preferred but not required