Previous Job
Previous
Sr Network Security Engineer
Ref No.: 18-00317
Location: PITTSBURGH, Pennsylvania
The hiring manager needs a network security engineer to the Network Security Operations team requires an individual with a strong understanding of network security, operational troubleshooting and self-motivation. Incumbents are responsible for managing network firewalls, Web proxy/gateway security platforms, and in-depth troubleshooting. (Platforms include Fortigate firewalls, VMware NSX distributed firewall, Cisco ASAs, StoneGate/ForcePoint, Checkpoint firewalls, Bluecoat Web gateways, and others).
Will be responsible for Lab Testing Cisco ASA to Fortigate firewalls, Data Center migration to optimize firewall traffic working with vendors to identify/replace new enterprise devices.



Experience with the security component of products such as F5 and ZScaler is a plus. The position requires an individual capable of operating in a highly visible role in a fast-paced and dynamic environment. A qualified candidate should have a strong protocol-level understanding of computer networking, a general knowledge of the networking functions of enterprise computer applications, be passionate about all aspects of information security, proactive in researching and following security trends and best practices, and capable of self-learning new technologies with minimal assistance.

Must have heavy enterprise Cisco ASA and Fortigate firewall exp.
Migration experience specific to optimizing firewall traffic
Extensive expertise and work as a network security engineer in some or all of the following categories is preferred:
• Strong knowledge and ability using command line interface (CLI) on multiple platforms
• Administration and troubleshooting of firewalls, load balancers, routing and switching
• Intrusion detection systems (IDS/IPS), network forensics, network behavioral analysis
• Experience with high-availability (HA) configurations, support, recovery and fail-over
• Deployment of technologies in an active/active, active/passive and warm spare standby
• Troubleshooting of load balancing technologies, dropped packets, and network tracing
• VPN and encryption technologies (IPSec, SSL/TLS, GRE, etc)
• Understanding of TCP/IP and common protocols
• Virtualization, micro segmentation, and software defined network security (NSX, VMWare, converged infrastructure)
• Logging, monitoring, health and fault management automation
• Maintaining cluster configurations, Active/Active and Active/Passive along with warm spares
• Maintenance of firmware versions, upgrade plans and process maintenance
• Configuration of VPN B2B routes
• Deployment of UTM features, modules and reports
• Establishing industry best practices for logging, alerting and system monitoring

Current certifications from Fortinet, Cisco, or others is highly preferred.