Our Digital Infrastructure solutions help make existing IT infrastructure more efficient, while equipping our clients for a cloud-flexible, mobile-ready, highly secured, insight-driven future. Given the millions of potential configurations across these technologies, our clients rely on our expertise to simplify a highly complex IT landscape, helping to identify and deploy the solutions most appropriate for their business needs. Our Digital Infrastructure solutions scale from workgroup to the largest enterprise requirements.
Our Tri-State Professional Services practice is growing and we have an exciting opportunity for a Sr. Network Security Engineer to be a part of a dedicated Security overlay team. This team will support our client base throughout the entire Tri-State region (Northern New Jersey, New York, and Connecticut). This individual's primary responsibility will be to execute multi-faceted high-end security engagements for our customers. This individual will manage small to large projects on their own, from design to implementation to troubleshooting, as well as being a team member on complex engagements involving multiple technologies. The engineer will be responsible for projects, upgrades, and troubleshooting at multiple customer sites across the New York Tri-State area.
This is a hands-on role and the individual will ensure services are completed successfully and efficiently, and have met or exceeded client expectations. In this role you will act as a focal point for client security problem resolution, lead design workshops and support pre-sales activity for highly complex security solutions when needed. You will consistently evaluate, develop and refine technical deployment methodology & documentation. The ideal candidate will have functioned in a senior information security role or as a client-facing security/risk management consultant. This individual should have the ability to interface with management in order to align business objectives and risk management strategies, as well as security engineers to validate security related designs and configurations.
- We seek a Bachelor's Degree or the equivalent experience and/or military experience
- We seek 5 years of related experience with project Deliverables from a VAR/Integrator experience mandatory
- You have experience with security solutions that align with customer compliance requirements and industry standards like PCI, HIPAA, SOX, NIST, ITIL, etc.
- Working knowledge of host/network common vulnerabilities and exploits (CVEs, IAVAs, etc.), hacker methodologies and tactics, and the tools used.
- We seek strong technical and leadership skills that will provide insight to current security initiatives and products to drive differentiation in the market place.
- You possess previous experience successfully positioning professional services, managed services & SaaS solutions to fulfill needs regarding risk management, risk assessments, compliance assessment/remediation, information security architectures is desired
- You have solid documentation experience with Microsoft® Visio, Word, and Excel
- You possess strong industry knowledge and expertise in building comprehensive solutions.
- You are flexible for travel (up to 25%) and possess a vehicle as you will be visiting client sites across the region on a regular basis.
- Potential candidates will possess at least one or more of the following certifications and qualifications:
- Palo Alto Networks PCNSE
- Forescout FSCA / FSCE
- Cisco® CCNP/CCIE certificate or equivalent experience
Required Technical Skills:
Potential candidates must possess experience and demonstrated expertise in at least one or more of the following areas:
- Palo Alto Networks Product Portfolio
- Firewalls (Appliance, VM, Cloud)
- Global Protect
- Cisco Security product portfolio design, configuration, and tuning
- DNA / pxGrid integration
- dACL, SGT
- ISE – NAC, Posture, and Provisioning for Wired, Wireless, and VPN
- ASA, Meraki MX, FirePower / FTD Firewalls: Configuration, tuning, troubleshooting
- FMC Management
- SIEM Platforms
- LogRhythm – Installation, configuration, tuning
- Splunk – Installation, configuration, analytics
- CounterACT – Installation, configuration, and tuning for visibility and NAC
- Excellent understanding of VPN (site to site, remote access client, IPSec, IKE, tunnel modes, SSL/clientless/AnyConnect, Tunnels between Firewalls, Routers)
- Content Security (Cisco/Ironport ESA/WSA, WebSense, etc.)
- Security Testing and Audit Platforms (Nessus, NMAP, etc.)
- Multi-Factor Authentication
- Working Knowledge of the TCP/IP protocol suite, TCP/IP headers and packets, the OSI model, and commonly used TCP/UDP ports and associated services.
- Working knowledge of network engineering and local and wide area (LAN/WAN) technologies and topologies.
- Working knowledge of routing protocols, switching, firewall configuration, and security best practices, etc.
- Working knowledge of common OS and domain structures (Red Hat Linux, Oracle/Sun, Windows, Active Directory, etc.), servers, services, and associated vulnerabilities.