Lead Network Security Technician/Palo Alto
Posted on Dec 11, 2018 by Request Technology - Craig Johnson
A prestigious Fortune 500 company is currently seeking a Lead Network Security Technical Analyst with Palo Alto experience. The candidate will support cutting-edge technology in a global support environment and will ensure and assist with the proper support and life cycle of solutions that support information security, including firewalls, intrusion detection and prevention systems, proxy servers, and other security solutions. The candidate will identify, evaluate, and implement technical security controls to continuously improve the organization's security posture. This individual will also be responsible for continual process improvements in the monitoring of the network security infrastructure, building dashboards, establishing baselines for metrics, and refining performance alerts.
- Manage Firewall and network security systems by establishing and enforcing approved policies.
- Serve as a subject matter expert in coordinating and troubleshooting with customers, other infrastructure support activities and business units.
- Develop network documentation of security infrastructure.
- Troubleshoot a variety of products within a multi-vendor environment.
- Monitor network performance and implement performance tuning as necessary.
- Utilize industry best practices for security, disaster recovery, business continuity, change controls.
- Act as First Responder to all Security Infrastructure Incidents (infrastructure and data).
- Attend Change Management meetings.
- Assist in the deployment of security tools.
- Assist with administering security policies, standards and procedures.
- Palo Alto Firewall Administration - work with outside vendor to ensure Firewalls are fully operational.
- Patch and Lifecycle Management - ensure that all security infrastructure tools are at current patch levels.
- Maintain current and relevant knowledge of common network, authentication and security protocols (e.g. SNMP, TLS, SSL, DNS, HTTPS, SMTP, LDAP, Kerberos, RADIUS and FTPS).
- Actively protect information technology assets and infrastructure from external or internal threats and ensure that the company complies with statutory and regulatory requirements regarding information access, security and privacy.
- Assist in incident response for any breaches, intrusions, or theft.
- Monitor systems for any anomalies, proper updating, and patching.
- Monitor vendor websites for potential threat alerts and software upgrades.
- Perform planning, testing, and implementation of software and hardware upgrades.
- Maintain system documentation and configuration data for regulatory and audit purposes.
- Drive efforts to analyze business impact and exposure based on emerging security threats, vulnerabilities, and risks.
- Review, recommend, and approve major changes, and communicate critical changes for supported technologies and processes.
- Document incident resolution and post to appropriate logs/knowledge base for future reference. Respond to incidents/calls, determine severity, and take action within the specified service level for rapid response support.
- Resolve complex incidents and escalate highly complex incidents and problems.
- Collaborate with an international team and ensure smooth transition of operational tasks throughout shifts.
- Partner with other Company Business Units to implement Network Security Infrastructure Changes based on the business case.
- Develop, test, and onboard new Standard Operating Procedures and troubleshooting documentation.
- Participate in an on-call rotation.
- College Degree or equivalent work experience.
- 5+ years work experience in security or risk management, networking, or related technology-based role.
- Certifications in area of specialty a plus. Examples include: CISSP, CSSLP, CISA, CISM, GIAC certs, CFE, CNP, CEH, etc.
- Experience with ServiceNow ITSM system.
- Thorough understanding of how applications communicate over the network using source and destination IP addresses, ports and protocols.
- Ability to analyze network security requirements and implement perimeter security changes.
- Knowledge of how to configure, support, and troubleshoot Palo Alto Firewalls and Squid Proxy Servers.
- Palo Alto Networks Accredited Configuration Engineer (ACE) certification or equivalent knowledge.
- Palo Alto Networks Certified Network Security Engineer (PCNSE) certification or equivalent knowledge.
- Experience troubleshooting Firewalls, Proxy and load balancers.
- Experience using network management tools and packet captures to resolve operational issues.
- Solid understanding of routing and switching.
- Basic knowledge of incident management, problem management, and change management best practices.
- Strong verbal and written communication skills due to the need to communicate extensively with remote team members and vendors.
- A bias toward action, along with an internal drive for continuous improvement.
- Ability to prioritize, execute tasks, and make sound decisions in high-pressure situations.
- Strong customer service orientation.
- High degree of self-motivation and self-direction.
- Ability to work in a fast-paced, often changing environment, and find your own path in ambiguous situations.
- Proficiency with network monitoring.
- Proficiency with TCP/IP and IPv4; IPv6 desired.
- Linux competency.
- Moderate knowledge of networking fundamentals (TCP/IP, Network layers, Ethernet, ARP, etc.).
- Unix administration and application support in a Unix environment experience required.
- Moderate experience with scripting (PowerShell, Perl, Python, etc.).
- Experience troubleshooting web traffic protocols and decryption.
- Experience with Cisco IOS. Ability to locate a host on the network for incidents or troubleshooting.
- Working knowledge of Splunk to perform queries on logs.
Request Technology - Robyn Honquest