Job Description
Senior IP Services Engineer w/expert level Fortinet
Location: Hybrid/Philadelphia (4 days a week remote and 1 day on site)
Fulltime/Permanent position
Will be working on SDWAN project in Feb MUST have STRONG Fortinet and Firewall skills, Know how to control traffic firewalls and understand EMS Endpoint management server. Will be working with web blocking, virus scanning and app control to control who is Proxy.
firewallsIPSproxySSLpacketsNATTCP/IPNetworkingFortinet SUMMARY:
This position will be responsible for the design, configuration and administration of firewalls, load-balancers, and proxy services throughout the enterprise. The successful candidate will be proficient in the conceptual and strategic operation of security and load-balancing components including hands-on configuration of firewalls in routed and transparent modes; transparent proxies in relation to their firewall policies; and load-balancers in local and global configurations. This position requires an elevated attention to detail, process, and discipline within a production financial environment.
ESSENTIAL FUNCTIONS:
- Implements and maintains firewall policies, including IPS and transparent proxy profiles, to supplement new technologies and project initiatives in conjunction with the Server, Development and Information Security teams.
- Implements and maintains load-balancers and their associated algorithms within and across a multi-datacenter infrastructure, to supplement application growth and redundancy in conjunction with the Server and Development teams.
- Compose and maintain firewall policies, including IPS and proxy profiles, through strong analytical, communication and problem-solving skills.
- Defines firewall objects, group objects and rules in a structured and efficient manner.
- Composes connectivity designs to satisfy project /task requirements utilizing proven, best-practice technologies and solutions.
- Performs implementation and troubleshooting of the security architecture to address identified deficiencies and enhance the company's strategic direction.
- Responds to issue escalations and service interruptions as a confident technical team-member.
- Completes tasks in accordance to best practices and in compliance with security and corporate guidelines.
- Ensures responsibilities are carried out accurately and in a timely basis.
- Manages multiple priorities effectively.
- Prepares technical subject matter presentations suitable for management.
- Maintains effective relationships with vendors, consultants and coworkers.
- Evaluates emerging technologies and product platforms with regards to business drivers, infrastructure performance and scalability assessments.
ESSENTIAL QUALIFICATIONS:
- Strong understanding of proxies and their foundation technologies including SSL Inspection, Web Filtering and Application Control, at an advanced level.
- SSL/TLS security including certificate inspection, deep packet inspection and certificate management.
- Strong understanding of firewall logic including Network / Port Address Translations (NAT / PAT); Site-to-Site VPNs and remote-access VPNs.
- Layer 2 and Layer 3 networking design and implementation.
- Thorough knowledge of TCP/IP addressing and sub-netting.
- Packet capture and analysis
- Exceptional technical documentation skills
- Excellent communication and interpersonal skills.
- Experience with current best practices in IT standards, principles, and security practices.
- After-hours (evenings and weekends) work will be required, as needed
Required skills/competencies:
- Hands-on experience with the following platforms/feature-sets:
- FortiNet, and Cisco firewall platforms within the GUI and CLI
- F5 Local and Global Traffic Managers, including iRules configurations.
- Basic understanding of layer 3 protocols, such as HSRP, ARP, EIGRP, OSPF, and BGP.
- Basic comprehension of layer 2 technologies including (Rapid) Spanning Tree Protocol and LACP.
- Logging aggregation and reporting via SNMP and SYSLOG.
Preferred education/experience:
- Bachelors degree in Computer Science, Information Systems, or related technical studies.
Note: Any pay ranges displayed are estimations. Actual pay is determined by an applicant's experience, technical expertise, and other qualifications as listed in the job description. All qualified applicants are welcome to apply.
Yoh, a Day & Zimmermann company, is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Visit https://www.yoh.com/applicants-with-disabilities to contact us if you are an individual with a disability and require accommodation in the application process.
Company Website: https://www.yoh.com/