Network And Security Engineer
Network And Security Engineer 1 PositionCasameza
- Job Purpose
Provide Planning, Designing, Implementation, Operation and Optimization of Network and security services for a service provider network. Apply and enforce systems security processes, policies, and tools as defined by the company policy, across the business to protect the integrity of systems and to ensure full compliance with corporate and legal requirements
- Principal Accountabilities
- Build and implement secure networks to standards, templates, methodologies, standard methodologies, and delivery frameworks.
- Manage issues related with Internet Authority and National Regulators.
- Able to make reconfiguration/upgrades/RMAs procedures with measurable minimal impact on services. Good skill in operations of network equipment with NSF/NSR/ISSU features.
- Regularly perform network-based security risk assessments
- Maintain firewall, virtual private network, web, and email security programs, protocols, and security.
- Maintain physical and code environment to protect servers, switches, and entire information technology (IT) system while balancing overall load.
- Monitor and log security concerns and incidents and generate reports and track performance.
- As a precautionary measure, analyze and implement new security protocols for greater efficiency against any threat or malfunctions.
- Create Network Security Policies and produce documentations.
- Implement and maintain security awareness program.
- Design, Implement, document, and maintain security system infrastructure.
- Perform security software maintenance (updates, installations, and security patches).
- Deliver security solutions independently as well as through leading a team of engineers across multiple technical disciplines.
- Integrate security solutions into existing infrastructure, driving systems integration and implementation approaches including the identification and integration of third-party products and services into a cohesive solution design.
- Maintain a stable and optimized IP network.
- Participate in the out-of-hours on-call rotation providing expert and professional technical support to the business.
- Take the lead in escalations for high profile network and security incidents.
- Raise and implement Change Requests via the service management tool.
- Maintains architecture and design guideline documents and templates.
- Developing Technical documentation - HLD, LLD, Address plans, Test plans & implementation plans.
- Responsible for capacity planning on IP networks and security infrastructure.
- Responsible for the smooth operation of the network infrastructure to ensure maximum security, performance, and availability.
- Maintains close vendor relationships to support current technology solutions and provide roadmap strategies for all network security systems.
- Design and implement approved network and host-based technical security controls (e.g., firewalls, IDS/IPS, email security, DLP, etc.).
- Provide daily operational and implementation support for all Network Security Systems.
- Perform routine vulnerability management and penetration testing for risk analysis and remediation.
- Perform Risk Assessments, Compliance Assessments, Gap Analysis and Remediation, and Threat and Vulnerability Assessments.
- Provides strategic support for application security development equipment, configuration services, installation, and enhancements to meet the business requirements.
- Provide written Root Cause Analysis for any incident.
- Participate in any evaluation, investigation and resolution of security incidents as needed.
- Identifying current and emerging technology issues including security trends, vulnerabilities, and threats.
- Sourcing and implementing new security solutions to better protect the organization.
- Conducting proactive research to analyze security weaknesses and recommend appropriate strategies.
- Manage Vendor Relationships.
- Liaising with vendors to implement security solutions.
- Network design verification.
- Support Network audit.
- Ensuring regulatory standards are met.
- Develops and expands technical knowledge and capability to communicate and explain complex technical topics to less-experienced team members.
- Provide on-the-job training and guidance to colleagues in specific data-related tasks where appropriate.
- On-time reporting to direct Line Manager.
- Work on tasks assigned by Line Manager.
- Performs other duties as assigned.
- Personal Attributes
- Self-driven with the ability to work independently.
- Strong analytical and troubleshooting skills.
- An excellent communicator with good interpersonal and team building skills.
- The commercial acumen to provide cost-effective security solutions.
- An enthusiasm for staying up to date with the very latest updates about security threats and solutions.
- Strong time management and organizational skills.
- Ability to handle critical customer issues in high pressure scenarios.
- Flexible and responsive to changing work demands
- Tenacious and persistent.
- In-depth hands-on experience with wide range of network equipment, mainly Cisco, Juniper & Huawei.
- Strong background in Networking theory, Design and Architecture.
- Detailed background in firewalls mainly Cisco PIX/ASA, Huawei Eudemon, Juniper SRX, Software Defined Firewalls and Packet filtering concepts.
- Full competence in Network Penetration Testing, Monitoring systems and concepts.
- Full understanding and rich experience with configuration, support and troubleshooting inter operator connections such as Internet BGP peering, different options of Inter AS.
- Basic knowledge of wireless networks design planning and maintains, wireless controllers, AAA methods and protocols/ TACAC’s.
- Previous exposure to Linux and/or Windows Operating Systems, coding languages, and/or Networks.
- Good experience in and strong knowledge of a range of network and network security products and protocols.
- Good understanding of TCP/IP and networking protocols including DNS and NTP.
- Minimum 7 years’ experience designing, deploying, configuring, supporting, trouble shooting, debugging, and administering different routing protocols.
- Good system knowledge and knows how to solve IGP routing issues, (RIP, EIGRP, OSPF, ISIS) and Multicast (L2/L3 MPLS VPN) issues.
- Security expert with extensive technical, market and business expertise
- Knowledge and experience in Security Architecture and Security Solutions in Service Provider environment.
- Expert understanding of security technology domains related to Service Provider security (e.g., Firewalls and Network security, Network Access Control, Cloud, SOC, Endpoint security).
- Educational Qualifications
University degree in Computer Science, Information Technology, Telecommunications, Electrical engineering, or a science field. CCNP, JNCIP, CCNP security certification or equivalent. Security certifications like CISSP, CEH, CND, SecOps or equivalent certifications highly desirable.