The Network Analyst role works under the Security Architect supervision, and performs tasks from detailed instructions and established procedures. This role will work with multiple product/project teams to capture and document their communications requirements, identify exceptions to security policy, advise on best practices, and facilitate configuration of network security infrastructure to implement required network connectivity controls.
Responsibilities include regular collaboration with program/project teams to understand business and technical requirements for internal and inter-application communications, creating/assisting with communications/network flow documentation/diagrams, providing advice and guidance on network enterprise architecture standards and security best practices, assisting with the solution design/implementation process, designing and implementing firewall rules, security groups, application delivery controllers, and web application firewall rulesets, facilitating the efforts of other IT delivery teams, providing regular status communication with project/product managers, setting/meeting delivery timeline expectations, assisting in firewall rule cleanup, and conducting routine firewall policy reviews to ensure protection strategies are properly implemented.
The candidate needs to understand fundamental networking concepts and awareness of common network communication protocols, will need to be able to produce effective and concise technical documentation and diagrams, and must have a commitment to industry best practices, security related concerns and a willingness to work toward the satisfactory resolution of conflicts toward meeting the business needsResponsibilities
Required SkillsSoft Skills
- Attend project/product planning meetings to understand communication requirements, advise on policy and best practice, and provide status updates on deliverables.
- Follow Change Control processes to implement Firewall and ADC changes (including occasional after-hours changes).
- Evaluates network security reports and studies to assist in the identification and resolution of potential security vulnerabilities and misconfigurations.
- Facilitate the efforts of other IT delivery teams, particularly Identity/Access Management/Provisioning, DNS, and networking teams, as pertains to network connectivity requirements.
- Adheres to current security engineering practices, best practices, and enterprise architecture standards and patterns.
- Assists in firewall rule cleanup efforts.
- Conducts routine firewall policy reviews to ensure protection strategies are properly implemented.
- Conduct research into network, server, storage, virtualization issues, standards, and products.
- Technical Writing and Diagramming
- Knowledge and experience with ITIL processes.
- Troubleshooting - Identify the root cause of failed firewall change requests to determine necessary changes to the requests or overall process.
- Communications/Presentation - Ascertain the level of depth the audience of a communication is needs and either detail the specifics or summarize the high points. Tactful, to the point, updates during outages so to not waste time. Keep team and management informed of what is going on as soon as an issue arises.
- Time Management / Organization - Keep track of up to a dozen different initiatives while dealing with standard support issues.
- Versatility - adapt to an ever changing list of responsibilities and priorities. Help out where ever needed, when necessary. Adjust to projects that are beyond the scope the job responsibilities.
- Accessibility - Available to support the fulfillment of Firewall Change Requests (FCRs) to support business needs. Willingness to work extended hours to reach business deadlines.
- Familiarity with current security protocols, standards, and methodologies, including but not limited to PCI, HIPAA, FFIEC, Sarbanes-Oxley Act, and ISO 27001
- Understanding of export control regulatory compliance requirements and Technology Control Plans.
Required Knowledge & Experience
- LAN/WAN Protocols, including a strong familiarity with TCP/IP, SSL/TLS, and HTTP
- Firewall administration
- Networking (Cisco route/switch and/or AWS native services experience preferred)
- Directory Services
The ideal candidate will have experience with some or all of the following:
- Firewall Administration (Palo Alto preferred)
- Cloud-native Infrastructure (Amazon Web Services (AWS) preferred)
- Application Delivery Controller (F5 Big-IP Local Traffic Manager (LTM) preferred)
- Networking (Cisco preferred)
- Background in secure infrastructure concepts (Security+ or equivalent certification or work experience preferred)