Network Security Engineer

• Associate degree in an Information Technology (IT) related field, as determined by the AOC.
• Active certifications as follows:
• Palo Alto Networks Certified Network Security Engineer (PCNSE) Certification.
• Cisco Certified Network Professional (CCNP) Enterprise or (CCNP) Security Certification.
• Preferred qualifications:
• Ten (10) years of CONUS technical experience in IT networking and network security.
• Bachelor’s degree in an Information Technology (IT) related field, as determined by the AOC. (certificate required)
• Current Certifications as follows:
• Prisma Certified Cloud Security Engineer (PCCSE) Certification from Palo Alto Networks
• Cisco Certified Internetwork Expert (CCIE) in Enterprise Infrastructure or Security Certification
• Responsibilities:
• Pro-actively identifying organization requirements, and helping to design, and engineer implementations that best serve the needs.
• Performing project-based engineering, design, installation and troubleshooting of data security networks.
• Providing assessment, design and implementation services of data and secure networking environments.
• Developing comprehensive graphical and text-based design documentation and effectively managing the implementation process from design to acceptance.
• Assisting internal groups through capacity planning, maintaining, monitoring and review of secure data communications networks.
• Leading migrations or assisting a team of engineers who will migrate traditional/legacy network security platforms to current/next generation technologies and expose customers to the full life cycle of defense in depth solutions.
• Assisting network engineers in troubleshooting critical problems or threat remediation relating to network security products.
• Working with the engineering team to successfully implement configuration guidelines, change management, and standard operating procedures for secure network solutions.
• Leading, scheduling, providing guidance and coordinating the activities with other team members to resolve end user problems in a timely and accurate fashion.
• Generating weekly status reports including project progress, key milestones, and tasks accomplished.
• Hosting weekly status meetings/calls with team or on as needed basis.

Preferred skills, experience, and capabilities:

• Five (5) years of experience with:
• Palo Alto Networks next generation firewall services.
• Intrusion Detection and Prevention with Palo Alto networks.
• Content Filtering Palo Alto networks.
• Virtual Private Networks using Palo Alto network systems.
• Data Loss Prevention
• TLS/SSL Inspection
• Four (4) years of experience in Complex switching, routing, wireless with Cisco Systems.
• Three (3) years of experience in Reverse Proxies, Load Balancing with A10 networks.
• Two (2) years of experience in Network Access Control - Cisco Identity Services Engine (ISE), Free Radius, and Access Control Lists (ACLs).

General experience with the following:

• Implementing multifactor authentication solutions with Microsoft.
• Cloud based virtual networking and security services
• Authentication standards - (802.1x) in wired and wireless applications.
• Scalable routing protocols Enhance Interior Gateway Routing Protocol (EIGRP), Open Shortest Path Fist (OSPF), and Border Gateway Protocol (BGP).
• Enterprise Data Center implementing Micro segmentation.
• Certificate Management, Public Key Infrastructure (PKI).
• Vulnerability management using Nessus, NMAP, Windows, Unix, and Linux OS
• Packet/Protocol Analysis using Opnet, Riverbed, Wireshark, and taps.
• Centralized Management using Panorama, SolarWindsCCNP
• Major server and desktop operating systems and utilities