Network Security Lead Technician
Posted on Dec 12, 2018 by Request Technology
A Fortune 500 company is in need of a Network Security Lead Technician. This person will focus on network security and firewall intrusion, act as first responder to all security infrastructure incidents, and monitor network performance. This individual must have experience with Palo Alto Firewalls.
- Manage Firewall and network security systems by establishing and enforcing approved policies.
- Serve as a subject matter expert in coordinating and troubleshooting with customers, other infrastructure support activities and business units.
- Develop network documentation of security infrastructure.
- Troubleshoot a variety of products within a multi-vendor environment.
- Monitor network performance and implement performance tuning as necessary.
- Utilize industry best practices for security, disaster recovery, business continuity, change controls.
- Act as First Responder to all Security Infrastructure Incidents (infrastructure and data).
- Assist in the deployment of security tools.
- Assist with administering security policies, standards and procedures.
- Palo Alto Firewall Administration - work with outside vendor to ensure Firewalls are fully operational.
- Patch and Lifecycle Management - ensure that all security infrastructure tools are at current patch levels.
- Maintain current and relevant knowledge of common network, authentication and security protocols (e.g. SNMP, TLS, SSL, DNS, HTTPS, SMTP, LDAP, Kerberos, RADIUS and FTPS).
- Actively protect information technology assets and infrastructure from external or internal threats and ensure that the company complies with statutory and regulatory requirements regarding information access, security and privacy.
- Assist in incident response for any breaches, intrusions, or theft.
- Monitor systems for any anomalies, proper updating, and patching.
- Monitor vendor websites for potential threat alerts and software upgrades.
- Perform planning, testing, and implementation of software and hardware upgrades.
- Maintain system documentation and configuration data for regulatory and audit purposes.
- Drive efforts to analyze business impact and exposure based on emerging security threats, vulnerabilities, and risks.
- Review, recommend, and approve major changes, and communicate critical changes for supported technologies and processes.
- Document incident resolution and post to appropriate logs/knowledge base for future reference. Respond to incidents/calls, determine severity, and take action within the specified service level for rapid response support.
- Resolve complex incidents and escalate highly complex incidents and problems.
- Collaborate with an international team and ensure smooth transition of operational tasks throughout shifts.
- Partner with other Company Business Units to implement Network Security Infrastructure Changes based on the business case.
- Develop, test, and onboard new Standard Operating Procedures and troubleshooting documentation.
- Participate in an on-call rotation.
Education and Job Qualifications
- College Degree or equivalent work experience.
- 5+ years of work experience in security or risk management, networking, or a related technology-based role.
- Certifications in area of specialty a plus. Examples include: CISSP, CSSLP, CISA, CISM, GIAC certs, CFE, CNP, CEH, etc.
- Experience with the ServiceNow ITSM system.
- Thorough understanding of how applications communicate over the network using source and destination IP addresses, ports and protocols.
- Ability to analyze network security requirements and implement perimeter security changes.
- Knowledge of how to configure, support, and troubleshoot Palo Alto Firewalls and Squid Proxy Servers.
- Palo Alto Networks Accredited Configuration Engineer (ACE) certification or equivalent knowledge.
- Palo Alto Networks Certified Network Security Engineer (PCNSE) certification or equivalent knowledge.
- Experience troubleshooting Firewalls, Proxy and load balancers.
- Experience using network management tools and packet captures to resolve operational issues.
- Solid understanding of routing and switching.
- Basic knowledge of incident management, problem management, and change management best-practices.
- Proficiency with network monitoring.
- Proficiency with TCP/IP and IPv4; IPv6 desired.
- Linux competency.
- Moderate knowledge of networking fundamentals (TCP/IP, Network layers, Ethernet, ARP, etc.).
- Unix administration and application support in a Unix environment experience required.
- Moderate experience with scripting (PowerShell, Perl, Python, etc.).
- Experience troubleshooting web traffic protocols and decryption.
- Experience with Cisco IOS. Ability to locate a host on the network for incidents or troubleshooting.
- Working knowledge of Splunk to perform queries on logs.