We are currently sourcing candidates for a Network Security Engineer at our Fabricated Products Division, headquartered in Newton, MA.
Essential Functions & Responsibilities
Global design, deployment and management of companys MPLS, SDWAN, WAN/LAN, Internet, wireless and remote access environments.
WAN Manage telecom vendor relationship, global MPLS network. Work with carrier to resolve circuit issues, new circuit deployments, and any performance issues.
Network Routing and Switching: Cisco Catalyst, Cisco Nexus, OSPF
Firewall - Palo Alto Design and manage firewall deployments across global network in the datacenter, production sites, and remote offices. Manage firewall policies, AV, IPS, URL Filtering, respond to security alerts from these systems.
Network Hardware management Automated configuration management using RANCID for config archiving and change management
Linux Server Administration Syslog archiving with syslog-ng or ELK, bandwidth graphing with Cacti, General Python scripting.
Remote Access VPN Pulse Secure, Palo Alto Globalprotect Manage and maintain remote access VPN environment utilizing role based access restrictions for remote and traveling users.
Site to Site VPN Configure and maintain remote sites connected via IPSec VPN
Wireless Aruba Networks Configure and maintain multiple controller based wireless environments located at sites around the world. Manage licensing, support, failover, EAP-TLS authentication process including RADIUS authentication servers. Mobile device connectivity using certificate-based authentication.
Defines and implements global security policies, standards, guidelines and procedures to ensure on-going maintenance of security.
End User Security Manage employee security awareness training efforts.
IT Infrastructure Security Manage teams response to major software/OS/Firmware vulnerabilities as they are announced and coordinate patching with team, audit patch deployment in environment. Drive projects to address end of life hardware and software in environment. Audit endpoint patching to ensure regular updates are happening across all devices, work with system administrators to resolve any issues.
DNS Manage internal and external DNS Infrastructure.
DHCP Manage dynamic client IP infrastructure.
IPAM Manage IP network assignment and subnetting across all sites.
Internal PKI operate as part of team to manage internal domain PKI.
VMware administration operate as part of team to manage VM environment with primary responsibility for datacenter networking.
Support Serve as escalation point for IT service desk for issues relating to networking or security.
Endpoint Security Manage endpoint security software suite (Trend Micro), maintain environment, respond to security alerts from endpoints and coordinate with support desk.
Develops scopes of work, manages, and implements I.T. projects from conception through procurement and execution.
CCNP, Change Management, Cisco, Disaster Recovery, LAN, Management, Networking, Network Engineer, Networks, Project, Protocols, Security, Supervisor, TCP/IP, Video, VPN, WAN, Wireless, Palo Alto, Wind
H.C. Starck Inc.