Overview
Hybrid3 days onsite
Depends on Experience
Contract - W2
Contract - 24 Month(s)
No Travel Required
Able to Provide Sponsorship
Skills
DNS
F5 Load Balancers
Fortinet
Palo Alto firewalls
VPNs
DMZ
Network Security Engineer
Cisco Firepower
Job Details
Job title: Network Security Engineer
Job location: New York, New York ( hybrid- 3 days onsite)
Job type: Contract W-2
A global bank is seeking a Network Security Engineer to join their New York office. The Network Security Engineer must have hands-on experience in network security management. Lead the design and administration of network security infrastructure, focusing on critical components including DNS, F5 Load Balancers, Fortinet and Palo Alto firewalls, VPNs, proxies, Remote Access and DMZ connectivity. Network Security Engineer must bring extensive experience managing Cisco Firepower, Fortinet and Palo Alto firewalls, including DMZ design implementation.
Responsibilities:
Infrastructure Oversight: Lead the design and administration of network security infrastructure, focusing on critical components including DNS, F5 Load Balancers, Fortinet and Palo Alto firewalls, VPNs, proxies, Remote Access and DMZ connectivity.
Technology Initiatives: Drive technology projects aimed at enhancing cybersecurity and improving network performance in alignment with organizational goals.
Continuous Monitoring: Ensure optimal network performance through continuous monitoring, dashboard creation, promptly addressing any security incidents.
Documentation Management: Maintain comprehensive documentation, including network security asset inventories, diagrams, procedures and vendor contacts, to support operational efficiency and facilitate effective communication.
Cross-Department Collaboration: Collaborate with infrastructure teams to resolve network-related challenges and ensure seamless operations across departments.
Audit and Security Coordination: Work closely with audit and IT Security teams to provide necessary documentation and implement remediation plans as required.
Staff Mentorship and Training: Mentor and train junior engineering staff, fostering a culture of growth and skill development within the network team.
Vulnerability Assessments: Conduct vulnerability assessments and manage patching processes to effectively mitigate and report security risks across the AMER region.
Security Reporting: Develop and deliver regular security reports to Leadership, highlighting key metrics, incidents, and trends to inform strategic decision-making.
Tool Proficiency: Proficient knowledge of security tools such as SIEM, Splunk, Centreon and Qualys for effective monitoring and incident response.
Skills:
- Extensive understanding of network technologies – L2, L3, VXLAN, BGP, LAN/WAN/VPN
- Extensive understanding of security technologies such as firewall, load balancing, proxy, authentication methods
- Strong knowledge of DNS/DHCPWSG (Web Security Gateways), Proxy-pac scripting
- Troubleshooting knowledge of network and security systems with minimal guidance is required.
- OSI Layer 4 and Layer 7 protocol analysis and troubleshooting experience is required.
- Ideal candidate must have a strong understanding of Zero Trust Architecture and Network Access Control design for enterprise network infrastructure design, and troubleshooting.
- Among these technologies, knowledge of Arista and Cisco design, configuration and automation is a definite plus
- Knowledge of scripting languages such as Python, PowerShell, or Ansible.
- Knowledge of Ansible Scripting is a plus
Education:
Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field; Master's preferred.
8+ years of hands-on experience in network security management, preferably within the financial services industry.
Extensive experience managing Cisco Firepower, Fortinet and Palo Alto firewalls, including DMZ design implementation.
Relevant certifications such as Fortinet NSE 4/5, Palo Alto Networks Certified Network Security Engineer (PCNSE), Cisco CCNP Enterprise and CCNP Security is a plus. Highly desirable CISSP, CISM.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.