The Network Security Engineer focuses on continuous operations for health and performance, incident, change and problem management of the supported configuration items. Perform research and investigation if a managed technology does not perform as expected or a potential device health issue is identified. Alignment with the ITIL standards by observing the Incident Management lifecycle processes. The position requires hands-on technical work, a comprehensive understanding of today’s information
Key Responsibilities:
• When it is not technically feasible to install monitoring, member will monitor the data stream coming from the device/technology.
• Initiate additional time-based checks if contact with a managed technology/device is lost.
• Begin research and investigation of the documented issues.
• If the managed technology is identified as the potential source of a network-related problem, examine the configuration and functionality for potential issues.
• Display the device health and outage ticket in the tool.
• Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall, SOC functions.
• Conduct assessments to identify and mitigate risky configurations.
• Contribute and reduce auditing time with automated compliance reports. • Strong analytical and problem-solving skills.
• Ensure the team follows the incident and change management procedures.
• Monitor Service Level Agreements (SLAs) for responsiveness and coverage.
• Provide regular reports and statistics for service management.
• Support for issues and mentoring for line 1 network security engineer.
• Solution architecture assignment for multiple projects, as designated by manager, with adherence to overall enterprise architecture and network, service, and system architecture standards.
• Additionally, develops guides/SOPs for work-related tasks, assists with vulnerability assessments as needed.
• Documenting architecture of Network Services systems and services throughout enterprise.
• Evaluation of emerging technologies, with understanding of fit and value within enterprise.
• Engagement with vendors for emerging solution review, including detailed design, and best practices evaluation.
• Conducting proactive research to analyse security weaknesses and recommend appropriate strategies.
• Ensure network security best practices are implemented through auditing managed devices.
• Other duties as assigned.
• Escalation support for L1 Engineers for Firewalls Cisco ASA/Firepower and Palo Alto Firewalls
• Escalation support for L1 Engineers for Illumio micro segmentation technology.
• Escalation support for L1 Engineers for Cisco Umbrella Solution
• Escalation support for L1 Engineers for ForeScout technology.
• Escalation support for L1 Engineers for Akamai WAF and incident triage for akamai.
• Escalation support for L1 Engineers Provide L3 support for Microsoft Defender AV, ATP, and Firewall modules.
• 24 x 7 support on-call
Knowledge:
• Bachelor’s degree in Cybersecurity, Computer Science, or related engineering field
• Language requirement: English (Required).
• Cisco Certified Network Associate Security (CCNA Security) training or equivalent (Required).
• Palo Alto Networks Certified Network Security Engineer (PCNSE) training (Required).
• Palo Alto Networks Certified Network Security Administrator (PCNSA) training (Required).
• Cisco Certified Network Associate R&S (CCNA) training or equivalent (Required).
• Cisco Umbrella Security Solution or equivalent vendor (Required).
• Network Security Micro segmentation with Illumio technology or equivalent vendor (Required).
• ITIL Foundations Training (Required).
• Cisco Certified Network Professional R&S (CCNP R&S) training or equivalent (Desired).
• Cisco Certified Network Professional Security (CCNP Security) training or equivalent (Desired).
• Cisco Identity Services Engine (ISE) training or equivalent (Desired)
• Network Access Control (NAC) with ForeScout or equivalent vendor (Desired).
• End Point Security Protection solutions with Microsoft Defender Suite or equivalent vendor (Desired).
• Akamai Technologies solution knowledge (Desired).
Experience:
• 5+ years, hands-on, broad-based information security experience.
• 5+ working in a Security Operations Center or Managed Services Team in a Level 2 position or similar experience.
• 5+ Managing Firewalls Cisco ASA Firewalls/Firepower devices and Palo Alto NGFW.
• 5+ Managing Firewalls with CDO or Panorama
• 5+ Using monitoring solutions like SolarWinds or any other similar solution to manage the network.
• 3+ Managing Umbrella solutions.
• 3+ Working with vendors/partners to support solutions.
• Advanced experience in using an IDS/IPS and SIEM
• Advanced experience with log and packet analysis tools and techniques.
• Advanced knowledge and background of working with technical security issues facing large organizations.
• Familiar with SOX, PCI DSS, ISO 27000, NIST SP 800, ITIL
• Tolerance for Demands & work under pressure.
• A self-starter with strong interpersonal skills and the ability to work independently.
• Experience of operational security monitoring, metrics, and reporting
• Strong verbal and written communication.
• Recommend and implement best practices for firewall management compliance with internal firewall policies.
• Monitoring of service levels for incidents and requests
• Incident Response.
Benefits: