Network Security Design Engineer
The Network Security Engineer under immediate supervision, assists in design, test, and implementation of state-of-the art secure networks, operating systems, and database products. Analyzes security issues including architectures, firewalls, electronic data traffic, and network access.
The team is tasked to provide network security expertise in support of projects to include concept development and system requirements management and review, design and analysis support, reliability and supportability analysis, platform-level inter-subsystem interface definition, integration, test and evaluation, obsolescence investigation, programmatic support.
• In this role, you should have excellent problem-solving skills and thorough knowledge of IP network and network security. You are expected as an SME in the network security knowledge domain.
• Architect, design, evaluate and test Firewall, DDOS, Proxy, Content filter, AAA and security controller, etc.
• Create architecture proposal, design, evaluation and test plan, and configuration standard document.
• Test network, firewall, DDOS, Proxy, Content filter, AAA and security controller, etc. function and performance, include new architecture proof of concept test, change procedure test, upgrade regression test.
• Collaborate with operation teams to make sure related standards and procedures are followed.
• Provide configuration and troubleshoot training to operation teams.
• Provide tier-4 escalation support to operation teams, on call on a rotational basis.
• Bachelor’s degree in technical field required.
• More than 10 years of experience in IP network and network security engineering design, and implementation as applied to complex computing systems.
• CCNP security and above level of network security engineering or operation knowledge and experience
• Strong knowledge and hands-on experience on Juniper SRX or Cisco ASA/Firepower, or Palo Alto Firewall
• Knowledge and experience on L4 – L7 application firewall
• Experience in IPS/IDS system
• Experience with design and implementation of site to site VPN
• Unix/Linux system administrator or engineering experience
• Knowledge and experience of Python, Perl or other script languages a plus
• Experience in IT security, DDoS mitigation and auditing a plus
• Exceptional documentation skills that can clearly articulate technical designs, issues and constraints, procedures, and network assessments
• Strong communication skills and a positive attitude
• Strong analytical and problem determination/resolution skills
• Self-motivated, Self-Reliant, Self-Starting, Go-Getter, Attitude of ownership, and A strong desire to learn
• Works well in an engineering environment that requires communication and collaboration with fellow team members, and cross functional teams