$100K - $150K(Ladders Estimates)
The Advanced Engineering department resides in the Charter Technical Engineering Center (CTEC) facilities in Englewood, CO and oversees the design and architecture of Charter's multi-billion dollar network infrastructure. We investigate, select, develop, and integrate technologies and solutions that meet the needs of the company for short, medium and long term initiatives. This includes the delivery of the technology plan and future architecture for Voice, Video, Data, Optical, Commercial, Cloud, CPE, Network and Access.
The Security Engineering team is part of Charter's Advanced Engineering organization, and is tasked with defining company standards, while providing implementation guidelines for all network security related technologies associated to Core, Edge, and Access controls for Charter's nationwide network. We leverage modern security techniques and practices to build innovative solutions in multiple arenas such as Distributed Denial of Service (DDoS), Security Automation/Orchestration, and Network Security. Solutions being developed by the Security Engineering team are critical to supporting major business initiatives within Charter, and are essential in securing our vast and complex network. Qualified candidates must demonstrate strong knowledge with Service Provider and Enterprise level network security topics such as, Firewalls, DDoS, Botnet and Threat Anomaly Detection. Additionally, candidates will need to exhibit an extensive familiarity with Network Layers 2/3/4/7 during the interviewing processes.
This position will be reporting to the Director of Engineering and does not have any direct reports. The following duty statements are illustrative of the essential functions of the job and do not include other non-essential or marginal duties that may be required. The company reserves the right to modify or change the duties or essential functions of this job at any time.
Major responsibilities include:
• Architecture, develop and document industry best practices to support company initiatives while meeting performance and availability requirements
• Collaborate with Product, Operations and Engineering organizations to understand requirements and develop specifications around project initiatives
• Research new security technologies and adopt suitable best practices to solve industry obstacles and security threats
• Engineer and implement new solutions in the Advanced Engineering lab, creating proof of concepts for new technologies
• Provide technical leadership within the area of expertise and mentor junior engineers
Additional obligations include:
• Ensuring confidentiality, availability and integrity of in-house information systems and processes across the company infrastructure.
• Thorough review of design specification, lab testing, and company work group communication on all new and existing security related topics
• Audit of all existing security standards: to include engineering designs, implementation guidelines, and field bulletins for equipment and technology upgrades on the Charter networks.
• Operational problem escalations and vendor concerns/issues around security related matters
Required Qualifications and Skills
• Service Provider level knowledge of the networking concepts and Layer 3 routing such as BGP, MPLS and IS-IS
• Extensive experience using Python and shell scripting for administration, monitoring and automation (or equivalent)
• Strong background with 3 or more technology topics such as: DDoS, MFA, CALEA, TACACS/Radius, BGP Flowspec, PCI, WAF, Firewalls, IDS/IPS, Net Flow or DOCSIS
• Experience with 3 or more tools such as: Arbor, Tenable, Qualys, iTest, ACS, HPNA, ISE, Protectwise, Ixia, PAN OS, or Stealthwatch
• Familiarity with Juniper SRX, Cisco ASA or F5 AFM firewalls
• Passionate about automation, performance, reliability, visibility, use of the best tools possible
• Exceptional documentation skills
Desirable Qualifications and Skills
• Experience with strategic architecture and roadmap development (1-year and 3-year datacenter network outlook)
• Service Provider level knowledge of Data Center security architectures with DNS, NFV and SDN.
• Service Provider level knowledge of DOCSIS security architectures with CMTS, CMs and filters.
• Regularly attend Security Industry conferences such as M3AAWG, Defcon, ShmooCon, Derbycon, Blackhat, or B-Sides
• Extensive experience in Unix/Linux environments
• Certifications such as, CCIE, CISSP, and CISM
Education and Experience
• Bachelors Degree, preferably in Computer Science, Engineering, Maths, or Science field plus 5 – 10 years of relevant experience or equivalent combination of education and experience
Valid Through: 2019-9-25