This is an interesting opportunity for a Security Engineer to work within a mid-sized ISP environment working on multiple projects and taking an active lead in security improvements across the business. The business is growing substantially and acquiring other relevant businesses to grow its customer base. Its also undergoing a huge project to completely redesign the network services to provide additional services such as digital media streaming etc.
You will be actively contributing to streamline our services and help build towards a maximum availability of the network for the services of the company.
Your main focus will be to design, maintain and renew the complex data networks, services and applications within our engineering and capacity guidelines. This is in order to leverage data center and triple play networking expertise in maintaining SLA and ensuring always-on complex network infrastructure and services.
Hard Requirements and Responsibilities:
- Responsible for both hands on engineering, service design and service transition of network security infrastructure solutions
- Responsible as higher tier support to the security operation team during critical and high priority incidents that threaten customer business continuation
- Provide technical consultancy towards internal and external partners on security best-practices.
- Experience with network device configuration (e.g. IOS, JunOS), network architecture (e.g. BGP, dynamic routing, service catalogs and asset management), and network automation.
- Experience with datacenter network architecture, configuration, and technologies.
- Working knowledge and hands on experience with both ASA, and Fortinet platforms
- Experience with virtual private network technologies and configurations
- Experience with a scripting language (e.g. Perl, Python, PHP, Ruby)
- Solid understanding of networking concepts (TCP/IP stack, SSL/TLS, Routing, ACL) in order to provide application architecture feedback. Solid understanding in AAA concepts
- Thorough understanding of the latest security principles, techniques, and protocols
- Experience with ISO 27xxx / 90xx / 22301 assessments and certifications
- Experience with PWC assessments
- Experience with Microsoft Active Directory
- Experience with enterprise grade AAA infrastructure (Radius and LDAP)
- Proficiency in either Mac OS X and/or other flavors of UNIX
- Working knowledge of Firepower IPS
- Working knowledge of ARBOR DDOS protection
- Working knowledge and hands on experience with enterprise grade penetration testing
- Experience with Software Defined Networking technologies and IPv6 preferred
- Experience with a programming language (e.g. JAVA, Objective C)
- Minimum of 5 years’ experience in an enterprise network or ISP environment
- Hands on work experience as a system security engineer or information security engineer
- Experience in building and maintaining security systems
- Hands on experience in security systems, including firewalls (ASA 55xx-X and Fortigate/Fortinet), intrusion detection systems (Firepower), anti-virus software, authentication systems, log management, content filtering, etc.