Network Security Engineer II

  • America First Credit Union
  • Ogden, UT, USA
  • Jan 28, 2021
Full time

Job Description

Overview

Assist Network Security Engineers in hardening and securing the credit union networks, servers, desktops, and other systems, including administration of firewalls, intrusion prevention systems, antivirus, VPN, and other security applications.

 

This position will focus on advanced knowledge of firewall administration, endpoint security (including NGAV, HIPS and EDR), and intrusion prevention systems. An advanced understanding of TCP/IP is required, including the ability to perform and analyze packet captures. An advanced understanding of the functionality of Solaris, Linux, BSD and Windows operating systems, as well as the ability to tune and harden them, is also required. An advanced understanding of VPN architecture and the ability to administer VPN connections is required. The ability to script is a necessity for job duties, as is the ability to correlate security events from various logging and security systems. An understanding of wireless networking security and authentication systems is needed.

Responsibilities

  1. Assumes responsibility for effective maintenance of firewalls.
  • Documents and maintains security baseline standards and procedures.
  • Assists in maintaining firewall software and hardware.
  • Patches firewalls when necessary.
  • Maintains firewall rule set through regular audits of firewall rules.
  • Creates, deletes, and modifies firewall rules when needed and does so using established policies and procedures.
  • Ensures firewalls are properly monitored by internal monitoring systems.
  • Assists in monitoring firewall logs.
  • Tunes and configures firewalls for peak performance.
  • Maintains and configures application firewalls.

 

  1. Assumes responsibility for effective maintenance of intrusion prevention systems.
  • Maintains intrusion prevention system rule sets, including keeping rule sets current.
  • Monitors alerts and logs generated by intrusion prevention systems.
  • Ensures proper placement of various intrusion prevention sensors and servers.

 

  1. Assumes responsibility for maintenance and administration of endpoint security.
  • Documents malware threats and identifies procedures to avoid them.
  • Keeps up to date on latest malware threats and solutions to protect against them.
  • Maintains AV systems, keeping them up to date.
  • Tunes alerts and reporting.

 

  1. Assumes responsibility of SSL and IPsec VPN systems.
  • Maintains, configures, and troubleshoots SSL and IPsec VPN connections, including both site-to-site and client connections.
  • Ensures VPN systems are up to date.
  • Documents standards for tunnel security baseline.

 

  1. Assumes responsibility for securing wired and wireless networks.
  • Works with network administrators to ensure wired and wireless networks are secure.
  • Ensures wireless networks are up-to-date and secure against new, evolving threats.

 

  1. Assumes responsibility for email security.
  • Analysis and implementation of perimeter email security and routing solutions.
  • Implementation of email security standards such as DKIM, SPF and DMARC.
  • Maintain email security infrastructure.
  • Develop metric reporting capabilities.

 

  1. Assumes responsibility of web proxies.
  • Maintains proxy software and hardware.
  • Patches proxies when necessary.
  • Maintains proxy policy through regular audits and health checks.
  • Ensures proxies are properly monitored by internal monitoring systems.
  • Tunes and configures proxies for peak performance.

 

  1. Assumes responsibility for web application security.
  • Engineers, configures, deploys and maintains Web Application Firewalls.
  • Develops advanced alerts/reports to meet internal requirements.
  • Creates WAF rules/signatures to mitigate threats and implements best practices.
  • Works with key stakeholders to tune WAF policies.

 

  1. Assumes responsibility for cloud security.
  • Leads coordination with applications teams to define security requirements.
  • Management of CASB solutions.
  • Create and maintain new DLP/Cloud access policies.

 

  1. Assumes responsibility for DLP security.
  • Assist in the development of business processes and policies related to controlling the classification, marking and access of sensitive data.
  • Maintain DLP system components including patching, upgrades and policy.
  • Assist with maturing the system to improve protection strategy and architecture.

 

 

  1. Assumes responsibility for establishing and maintaining effective communication, coordination, and working relations with area staff and management.
  • Keeps management informed of significant problems and of progress attained in reaching established objectives. Provides recommendations for establishing new and more effective programs and future equipment needs. Suggests related procedural changes.
  • Assists and supports the rest of the team as needed.
  • Prepares reports of activities, records, and other required documents.
  • Attends and participates in meetings and committees as required.
  • Works with server, desktop, and laptop administrators to ensure their systems are fully patched and follow established security hardening procedures.

 

  1. Assumes responsibility for related duties as required or assigned.
  • Stays informed of changes in security technology.
  • Keeps work area clean, secure, and well-maintained.
  • Completes special projects as assigned.
  • Assists with security assessments of credit union systems, including application-based attacks such as fuzzing, injection, etc.
  • Assists with the security assessment of various software purchases, external vendors and technology service providers.

Qualifications

Training/Education/Certification

  • College degree preferred.
  • CISSP or GIAC certification preferred.
  • Security+ preferred.

 

Required Knowledge

  • Advanced understanding of firewall and intrusion detection system administration.
  • Advanced understanding of TCP/IP.
  • Use of advanced security assessment tools.
  • Understanding of antivirus systems and how they operate.
  • Advanced understanding of Solaris, Linux, BSD, and Windows operating systems.
  • Ability to tune and harden various operating systems.
  • Bash, Perl, or other scripting experience.
  • Understanding of SSL and IPsec VPN technology.
  • Ability to use security systems to correlate and respond to security alerts and events.
  • Strong understanding of RSA, LDAP, and other authentication systems.
  • Advanced understanding of wireless network security.

 

Experience Preferred

  • Experience conducting security assessments.
  • Seven to nine years’ experience administering authentication systems.
  • Seven to nine years’ experience administering anti-virus solutions.
  • Seven to nine years’ experience administering DLP solutions.
  • Seven to nine years’ experience administering email / web security proxies.
  • Seven to nine years’ experience administering cloud security products.

 

Experience Required

  • Seven to nine years’ experience administering Palo Alto firewalls and intrusion prevention systems.
  • Seven to nine years’ experience administering VPNs.
  • Seven to nine years’ experience administering web application or XML firewalls.
  • Seven to nine years’ experience administering authentication systems.

 

Skills/Abilities

  • Strong analytical and problem-solving skills.
  • Well organized, with good verbal and written communication skills.
  • Ability to prioritize and plan projects effectively.
  • Ability to assist others and share knowledge with other team members.
  • Able to use PC, terminal keyboards, and various computer hardware.