Security Infrastructure Engineer, Senior
This position will perform a combination of security design and implementation work, as well as security testing and implementation of new products or enhancements to current products. This position is responsible for the support of the production environment which ensures the appropriate security policies and practices are implemented and enforced. This position will be the technical SME security resource to multiple Arrow teams for functionality, integration and installation related questions on all infrastructure maintenance and development questions.
• Design, configure, implement and maintain all security platforms and their associated software, such as routers, firewalls, intrusion detection/intrusion prevention, anti-virus, URL Filtering. • Design, review and ongoing assessment of firewall, intrusion detection/intrusion prevention, VPN, SSL, application control, Load Balancer, DNS and other network component policies. • Daily triage and update/resolution of tickets generated by CRM ticketing system and respond to inbound phone and electronic requests for technical assistance. • Ensure network security best practices are implemented through auditing: router, firewall configurations, change control, and monitoring. • Coordinate and monitor log analysis for our managed services offerings, to ensure customer policy and security requirements are met. • Follow project management methodology and demonstrate best-practices in network documentation as required • Manage situations in a professional and courteous business manner with an emphasis on customer satisfaction, while timely keeping the customer abreast of expectations, problem status and completion. • Liaise between engineering and other departments on security related items. • Other duties as assigned.
• Knowledge of security network devices (Palo Alto Firewalls, F5 Load Balancers, Infoblox DNS, IPAM appliances, Web Proxy, etc.) and other security networking hardware/software tools. • Knowledge of Private Cloud based secure deployments (Azure) as well as Cloud based application security (Office 365, Skype).
• Demonstrated understanding of information security concepts, standards, practices, including but not limited to firewalls, intrusion prevention and detection, TCP/IP and related protocols, device monitoring and log management and event monitoring/reporting • Experience in LAN and WAN technologies, network design, network management etc. • Strong understanding of TCP/IP, subneting, routing, access control lists, firewalls, IPsec VPN, NAT and network traffic analysis. • Strong organizational skill and be able to attend to and prioritize projects. • Demonstrable analytical and technical aptitudes with focus on identity and alleviating the root cause of the issue; solves the whole problem. • Proven ability to thrive and respond to frequent demands of multiple constituents, both internal and external, in a customer centric manner and high demand environment.
Wireless security, 2 factor authentication support experience. Understanding of Radius, Tacacs+, protocols ClearPass based deployment. Ability to work with Juniper firewalls, Unix\Linux based systems, and scripting is a plus.
• Minimum 2 year hands on Palo Alto experience.
• Preferred professional certification include: PCNSE, ACE, CCNP, CISSP, F5-CTS, F5-CSE
• Bachelor’s Degree in Information Systems or Computer Science preferred. • Minimum of four years’ experience with information technology. • Minimum of two years’ experience with information technology security. • Excellent communication skills and experience working in a collaborative environment, or as an individual contributor.