Network Security Engineer

Top Skills' Details

1. Must be open to weekend and 24x7 Shift work

2. 3+ Years of experience with Cisco Firewalls - Must have firewall change experience; rule cleanup experience is a plus

3. WAN & Security upgrade experience - there will eventually be project work that consist of patching and upgrades which will be onsite!

4. SIEM Monitoring experience for monitoring IPS and incident alerts

Description:

**** CANDIDATES SHOULD BE IN NC OR WITHIN AN HOUR OF RALEIGH,,,,, The work will be 100% remote. However, in the event of a major data center upgrade, best practices would say for the resource to be on site in the event of a catastrophic failure requiring a direct connection. In a rare instance, they may have a meeting where the candidate would need to be on site, but no more than once or twice a year.***

Currently the SOC Team consists of 6 Network Security Engineers who are responsible for the 24x7 maintenance of the Cyber Security network. There are looking to bring on 1 Network Security Engineers who will support operational gaps during the weekends and holidays. These will be 12 month contracts with the opportunity to convert full time pending performance and headcount availability. 95% of the work will be remote, but there will be project work such as upgrades or patching that will require you to be onsite.

Breakdown of work;

No. 1

40% Security Operations and Network Operations (SOC):

•Responsible on Weekends and Holidays to respond to Network Operations Center priority one circuit outages.

•Responsible for creating, triaging, updating, and seeing closure of Security Operations Incident, Request, and Enterprise Change Management tickets.

•Monitors and maintains Firewalls and corresponding management tools (FMC) ASDM), Intrusion Prevention Systems (IPS), Vulnerability Management (VM), Cisco Umbrella domain name security, ISE network Access Control, Posturing, and Profiling, IPsec VPN tunnels, AnyConnect remote users and security module, Third Party Partner Security Incident and Event Manager (SIEM), and other network and cloud security tools.

•Use tools (Wireshark and interface captures, and log searching) to assist in troubleshooting network, device configuration, and Network Security related problems.

•Responsible for firewall cleanup processes, tasks, and learning firewall tools to assist in performing these processes and tasks.

•Follow and maintain SOC process and technology documentation.

•Open and work to closure vendor TAC cases, mostly Cisco, to resolve incidents and device issues.

•Provide reports and metrics for the Operations and Administration Manager as requested.

•Interface with all other TSD technical teams in initiatives and activities the require Security Operations Center resources.

No. 2

20% Network Security and Cybersecurity:

•Monitor and respond to Third Party Partner initiated security investigations.

•Provide support of the established Incident Response Policy from beginning alert and investigation discovery through recovery to closure.

•Subscribe to and monitor Security Product Advisories and Cybersecurity Organization Bulletins researching and ensuring coverage of security device risks and Common Vulnerability Enumerations (CVE)

•Update PSIRT/CVE spread sheet to report progress and coverage of Security Product Advisories and Cybersecurity Organization Bulletins.

•Monitor and Maintain the IPS signatures, Block lists, URL reputation lists, and malware file lists to ensure latest security recommendations are implemented.

•Use monitoring and security diagnostic tools to threat hunt for network and device vulnerabilities, security risks and potential threats.

•Research trends to assist the Security Operations team in staying up to date on industry best practices and current Cybersecurity trends, tools, techniques, and procedures.

No. 3

30% Network Patching, Upgrading, and Maintenance:

•Evaluate, plan, and implement network devices, (switches, routers, management tools, etc.) and Network Security devices and tools (firewalls, IPS, ISE, etc.) upgrades and patches on a monthly and as needed schedule.

•Coordinates with various TSD teams in the evaluation, planning and implementation of patching, upgrading, and maintenance.

•Update patching spread sheet to reflect historic and current versioning.

•Uses software tools to manage patching, upgrading and maintenance of network and security devices (Visio, Microsoft Office, etc.)

No. 4

10% Security Industry and Product Research and Training

•Attend, classes, seminars, webinars, conferences, training sites, and research product documentation, to enhance professional development and to progress in the field of Network and Cybersecurity trends and developments.

•Use AOC provided resources to work toward Security Profession Certificates, (Cisco CCNA, routing switching, CCNA Security, CCNP Security, CISSP)

Skills:

Firewall, cisco firewalls, Security operations, Engineering, Incident response, Tufin, Firemon, Network, Threat hunting, Security

Top Skills Details:

Firewall,cisco firewalls,Security operations,Engineering,Incident response

Additional Skills & Qualifications:

Knowledge of enterprise Network Security technologies: Cisco FTD and ASA firewalls, IPS, FMC, IPsec tunnels, AnyConnect client, Cisco ISE, Cisco Umbrella, Third Party SIEM, DNS, VLANS, NAT Cisco Secure Endpoint (AMP), Load Balancing IP/Domain/URL security intelligence sources (virus total, TALOS, etc.)

Knowledge and or possession of Security Profession Certificates, (Cisco CCNA, routing switching, CCNA Security, CCNP Security, CISSP) is preferred but not required.

Skills:

Skills in: enterprise security technology; fundamental knowledge of the following, IPsec, IPS/IDS Snort Engine, SIEM, Identity Services Engine (ISE), Vulnerability Management, Access Control/AAA; networking fundamentals in the areas of enterprise network topology, routers, switches, servers, NAT, DNS; TCP/IP architecture and functionality, Wireshark and interface captures, and log searching to assist in troubleshooting configuration and Network Security related problems.

Abilities:

Ability to: plan and manage complex projects independently and with a team; communicate effectively with users to determine and resolve problems; communicate technical information to lay persons; interpret and follow established employment and policies; produce highly technical documents; consider the implications of new technology implementations; balance the application and system access business needs of users with Network Security protections.

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.