SMBC Group

Returning Candidate?

Sr. Network Security Engineer

Sr. Network Security Engineer

Job Locations 
US-NY-New York
Career Category 
Information Technology
Position ID 
2016 - 0203
Corporate Title 
VP
Posting Date 
11/12/2017
Type 
Full-Time

More information about this job

Overview

The Senior Network Security Engineer is an IT professional with responsibility for designing, implementing and supporting network security solutions for the organization. In collaboration with members of the Architecture and Engineering, Systems Administration, Database Administration, IT Development and Application Support teams, the Senior Network Security Engineer will implement practical solutions to secure the bank's internal and external network infrastructure.

This includes the on-going maintenance and management of hardware and software that secures the organization's network, analyzing and troubleshooting problems and monitoring for potential network security problems or incidents.

 

Responsibilities

  • Installation, configuration, maintenance and support of Checkpoint firewalls, Palo Alto firewalls, VPNs, Website Filtering devices, Forescout NAC, Remote Access and Intrusion Detection/Prevention systems

  • Network Traffic monitoring; early detection and fast reaction to unexpected “suspicious" situations (i.e. unusual traffic volume, port attacks, rogue devices in the network, etc.)

  • Network design and security

  • Web and network security exploit identification

  • Intrusion detection/prevention and network traffic analysis

  • Security event analysis and monitoring 

  • Participate in security incident response

  • Monitor compliance with information security procedures and policies

  • Regular penetration testing, reporting and issue resolution

  • Liaising with global colleagues on the development of new designs and standards

  • Work with project teams to design and implement secure network connectivity solutions

  • Provide an escalation path for operations and deployment staff to resolve problems

  • Evaluate and certify new technologies or new versions of existing products

  • Integrate new products into the infrastructure

  • Act as escalation point to vendor to resolve problems

  • Write and maintain technical documentation including design docs, test plans, project plans, procedures, incident reports and troubleshooting guides

Qualifications

Knowledge:

  • Complete and in-depth knowledge of network management & security technologies and approaches. (DMZ design, IPSec, proxies, RADIUS, Network intrusion detection sensors) 
  • Thorough understanding and knowledge of network operating systems, network equipment and networking protocols such as TCP/UDP/IP
  • In depth understanding of DNS and common protocols such as HTTP/S, IPSEC, SSH

  • Network attack and penetration methods and defenses 
  • Web Proxy security 
  • Web application Firewall 
  • Sound knowledge of security techniques, latest protocols and defenses against new viruses and other attacks
  • Basic ability to program scripts and batch files
  • Working knowledge of MS Office, MS Visio and MS Project

Skills: 

  • Ability to translate security policies and procedures into technical architectures and/or configuration settings 
  • Strong organizational, problem-solving, written and communication skills 
  • Ability to quickly learn new technologies and concepts and apply that knowledge effectively 
  • Ability to work both independently and with a team to accomplish multiple tasks and projects
  • Ability to create technical documentation and network diagrams as deliverables to customers in a timely manner
  • Work with little supervision and is self-motivated 
  • Ability to multitask 
  • Experience with production troubleshooting 
  • Experience with integration of vendor products into a complex corporate IT environment 
  • Vendor Management experience
  • Project management skills
  • Strong understanding of WINDOWS and UNIX environments

 

Education and Qualifications:

  • Computer Science or Computer Software Engineering degree or equivalent technical training
  • Training and certification on network equipment and protocols – Checkpoint, Palo Alto and / or Cisco required
  • At least 5+ years of experience in computing or related area with a focus on network security
  • CISSP or other general security related certification a plus

Skill and Special Requirements 

          Occasional after-hours and weekend work