Matchpoint Solutions San Francisco , CA 94102
Job Title: Sr. Network Security Professional
Duration: 6 Months
Remote/Travel 75% nationwide
Qualified candidates must be able to travel 75% nationwide.
The Engineers role is to ensure that industry best practices and methodologies are applied to a network involving security, data, video, and wireless network services. This is achieved by planning, designing, and developing secure network topologies, In addition, the Engineer will oversee the installation, monitoring, maintenance, support, and optimization of all network security hardware, software, and and integration to management systems.
This individual will also analyze and make recommendations to the resolution of network security hardware and software problems in a timely and accurate fashion, and provide training to junior team members where required.
RESPONSIBILITIES:Qualified candidates will have 5 to 7 years of hands-on Cisco, Palo Alto or equivalent experience with a strong networking background. Qualified applicants will need to be specialized in Security and networking technologies such as: 802.1x, SNMP v1-3, Radius, AAA, IPSEC and IPS Soltuions (ISE, and NAC knowledge is a plus), but would also need to learn other Advanced Technologies (Wireless, Cisco Prime and MDM).
Deployment of new technology on customer premise
Integration into customer staff, culture, and processes
Assistance with project scoping and network design
A trusted advisor to customers and internal staff
Knowledge transfer and training to customer IT staff
QUALIFICATIONS:Must have experience with some or all of the following:
SourceFire expertise in design, configuration, tuning and customization of IPS features and signatures
Cisco ISE expertise in wired, wireless, VPN configurtions using device profiling, posturing, PxGrid, ThreatGrid and SGTs
Palo Alto Firewalls
Excellent understanding of PKI infrastructure, VPNs and secure device hardening
Routing and Switching expertise
AMP for Network and/or Endpoint
IronPort ESA and/or WSA Expertise
Palo Alto Traps
RSA and other multi-factor authentication mechanisms
Working knowledge of Cloud Security
Cisco-Meraki Security Products
SIEM Platforms (Splunk, ArcSight, Nitro LogRythm, etc)
Customized scripting in standard languages (Python, PowerShell, Java, etc) a plus
REQUIREMENTS:Cisco CCNP or CCIE Certifications are preferred.
This position requires US Citizenship with the ability to obtain Security Clearance. Excellent oral and written communication, customer service, and presentation skills required. The position would require about 75% travel and would primarily be focused in the delivery, or post-sales area.
The candidate however, should feel comfortable supporting the sales effort with presentations and meeting with customers.
Working technical knowledge of network control protocols (CoS, QoS,, NTP, DHCP, EoIP), network management protocols (CDP, TFTP, SNMP, NetFlow) and security protocols (802.1x, Radius, SSH, SSL, AAA, IPSec).
Cisco ISE experience required
Strong knowledge IP communication and routing is required (OSPF, EIGRP, BGP).
Experience with inter-company routing is preferred.
Understand WAN/LAN and transport technologies (Ethernet, MPLS, TDM circuits).
Understanding of overlay transport networks (GETVPN, DMVPN)
Strong interpersonal, written, and oral communication skills.
Strong expertise in documentation using Microsoft Visio, Word and Excel.
Experience with security solutions that align with customers compliance requirements and industry standards like PCI, HIPAA, ISO 27001, NIST, CSF, ITIL, COBIT, Sarbanes Oxley, ISO, SANS 20, etc
Excellent troubleshooting skills
Able to conduct research into networking issues and products as required.
Ability to present ideas in user-friendly language.
Highly self-motivated and directed, with keen attention to detail.
Proven analytical and problem-solving abilities
Able to effectively prioritize tasks.
Strong customer service orientation.
Experience working in a team-oriented, collaborative environment.
Cisco, Palo Alto, (Wireless, Cisco Prime and MDM), Cisco ISE, Cisco-Meraki