The Senior Network Security Engineer will ensure that the internal infrastructure is securely designed and implemented with high standards. If you enjoy analyzing networks, system and services from a security perspective, and you are skilled at discovering potential security issues for new and existing scenarios, this position will provide you with a challenging and rewarding opportunity. You will participate in the design, build, deployment and operation of security-focused infrastructure and provide consultation, architectural review, risk assessment of LifeLabs’ systems and networks that support our vast organization.
· Assist in the design, implementation, and maintenance of the enterprise network access control (NAC) solution such as Forescout, Cisco ISE, etc.
· Be the SME for network security with in-depth knowledge of advanced networking concepts such as community VLANs, NIST/SANS/ITSG-22 security frameworks for network segregation, Zero-Trust networks, etc.
· Strong hands-on experience with integrating with other Infosec tools for an overall holistic view (Vulnerability Management, SIEM/UEBA, EDR, IAM)
· Experience with identity management tools such as AD, MFA/TFA, SSO
· Work cross-functionally within company to coordinate updates to technology to meet current and long-term business needs.
· In-depth knowledge of Azure Network Security Concepts
· Create detailed documentation and architecture diagrams for the managed environment
· Lead network security projects and provide clear direction to business stakeholders that adhere to the enterprise IT security mandates.
· Analyze customer requirements, design new environments, and communicate with IT Directors, Architects and VPs across our customer base.
· Monitor logs/reports from servers, firewalls, intrusion detection, network traffic, Email, Internet usage, access administration, for unusual or suspicious activity/violations, interprets activity, and recommends plans for resolution and improvement.
· Provide security support/recommendations for IT projects.
· Conform with all company policies and procedures
· Other duties as assigned.
· Ability to develop, follow and enforce security practices.
· Strong knowledge of Cisco/Palo Alto Security equipment
· Experience with CIS/NIST, SANS, ITSG Security frameworks
· Knowledge of other IT Security tools such as Forescout, Logrhythm, Vectra AI, Infoblox
· Experience re-architecting an enterprise network with zoning and firewall policy segmentation
· An advanced understanding of current threats and trends present in the Information Security, Technology, and utility operations fields.
· The ideal candidate will be self-motivated with the ability to perform autonomously and can drive a project to successful completion
* Preferred designations/Certifications: CCNP, CISSP, CEH, CCIE, Palo Alto, SANS Certifications (GIAC)