Network Security L3

Position: Network Security L3

Location: Dallas, TX - Onsite

Option 1 Checkpoint + Zscaler (ZIA & ZPA) + Aruba ClearPass

Option 2 - Checkpoint + Zscaler (ZIA & ZPA) + Cloudflare WAF

Manage day-to-day Operations according to customer environment

Organizational Functions:

Develop and implement network security architecture, policies, and procedures to protect against threats.
Should be able to provide L3 level support on critical/Outage situation and drive end to end until the resolution.
Good understanding of network protocols (HTTP, HTTPS, DNS, TCP/IP).
Should have Strong expertise in:
Implementing and maintaining Checkpoint firewall and associated software module (VPN, URL Filtering, IPS etc.) infrastructure.
Should have good working experience on checkpoint VPN (S2S & Remote access).
Deep understanding of Cloudflare content delivery network (CDN) and security solutions, including web application firewalls (WAF), bot management, and DDoS protection.
Deep understanding of RADIUS, TACACS+, 802.1X, EAP methods, and networking protocols.
Installation and configuration of ClearPass Policy Manager (CPPM), including profiling, onboarding, and guest services.
Resolve complex authentication failures, latency issues, and TACACS+ service issues.
Proficiency with Zscaler tools (ZIA, ZPA, ZDX), packet capture analysis, and scripting languages (Python, PowerShell) for automation.
Design, implement, and tune ZIA/ZPA policies for roaming, branch, and third-party users, utilizing Zscaler's cloud security concepts.
Resolve complex L2/L3 issues related to user connectivity, authentication (SAML, SCIM, Azure AD), and access flows.
Deep understanding of Zero Trust Network Access (ZTNA), firewalls, and IPSec/SSL VPNs.
Create and maintain comprehensive documentation related to network security infrastructure and procedures following the NIST and CIS standards.
Identify the in-efficiencies in the operations and identify potential solutions to improve efficiency.
Own and drive improvements in the areas of Operations, technology, Advisory and customer satisfaction.
Stay up to date on emerging security threats, technologies, and industry trends.
Manage and mentor a team of network security engineers and analysts.
One should identify possible automation capabilities, their execution
within the network security products and process and deliver across multiple customer environments.
Should be cross-skilled across multiple technologies covering products like Firewalls, Web-Proxies, as well as cloud security products (AWS, Azure, Google Cloud Platform etc.)
Should prepare weekly and monthly performance reports across multiple customer environments (people, technologies, Process Gaps, Risk, RAG status etc.)
Should be able to conduct internal training to address the skill gap as well as motivate the team to do technical certifications.

Core Functions:

Focus on technologies and bring automation capabilities.
Regular reporting on the state of the customer delivery.
Maintain KPIs for the teams and report on Service Improvement Areas to senior management
Identify risks and maintain compliance with submission of client-facing reports.
Focus on industry-based practices and configuration and guide the team to follow the same.

Individual Performance Measurement Criteria

- Bring quality in service delivery and work on cross killing people to increase productivity.

- Quality and effectiveness in communications and engagement with stakeholders.

- Low / Zero Escalation from the customers

- Driving Innovation to improve Service standards & Quality.

Technical Skills

Proficiency Level

Understanding of the different security technologies, Experience in deploying, configuring and troubleshooting of

1. Firewalls (Checkpoint)

2. NAC Aruba Clearpass

3. Web application Firewall Cloudflare

4. Web-Proxy -Zscaler (ZIA/ZPA/ZDX)

5. Email Security Abnormal AI

6. Load balancer F5 BIG-IP

Experience in different Information Security Processes.
1. Security Change Management

2. Rule Base Reviews & Optimization

3. Security Incident Management (Standard & Critical)

Understanding of different Security Architectures.

Communication and Organizational skills

Good command of the English language, with excellent written and verbal skills.
Proactive in communication and appropriate selection of audience according to topic.
Highly organized and capable of tracking a variety of tasks to closure.
Good time management principles and effective in prioritizing workloads.
Cultural Requirements

Works collaboratively with other teams and builds positive working relationships
Able to learn quickly and apply common sense to new situations, but understand when it is appropriate to engage others for advice
Open and transparent style and approach when working with others

Places a significant level of importance on personal & team development and understanding then improving upon weakness

Accepting feedback from managers, peers, and clients regarding work performance

Utilizes a goal-oriented approach, which drives self-improvement both personally and professionally and drives the teams.

Takes the initiative to work on tasks outside of his or her immediate scope of responsibility and encourages others to do so.

Experience Required

Minimum overall experience of 8-12 years

- Minimum of 8 years experience in Information Security

- Minimum of 6 years experience in running a Security Operations Center for a large organization.

Certifications Required

Industry-recognized certifications such as CCSA/CCSE, CCIE, or equivalent is highly desirable.

Education Qualifications

Preferably Graduate with Science/Eng