Press ENTER to skip to the job description.

Remote - Information Security Engineer

  Apply Now  

Key Must Haves:Palo Alto experience, Cisco ASA experience, Cisco or Arista routing and switching. load balancing, experience with AWS.
Region:Global
Skills Required:No Palo Ace certifications

6 months contract - will go long term

A strong multi-tasker with a keen eye for detail, a successful Information Security Engineer should be familiar with common security exploits/vulnerabilities & their remediation.  Experience conducting periodic scans of networks to find any vulnerability. Strong experience in working with penetration testing results and driving solutions towards remediation.  

Monitor organization’s networks and systems for security breaches or intrusions.  If a breach has occurred, the Information Security Engineer leads incident response activities to minimize the impact. Afterwards, they lead a technical and forensic investigation into how the breach happened and the extent of the damage. They prepare reports of their findings to be reported to management.  Information Security Engineers help plan and carry out an organization’s information security strategy. They develop a set of security standards and best practices for the organization and recommend security enhancements to management as needed. They develop strategies to respond to and recover from a security breach. 

 Information Security Engineers install and use software, such as firewalls and data encryption, privilege access management programs, to protect organizations’ sensitive information.  

They are well organized and thrive in fast-paced, high-energy scenarios. The candidates we are seeking should have the following security skills. 

  • The individual will need to be very organized, flexible, results oriented and able to multi-task to meet the demands of our dynamic environment 
  • The candidate should be a self-starter, be able to work with minimal supervision, properly and effectively communicate project/work status to management and peers, take full ownership and responsibility of the tasks assigned to her/him and work them through completion. 
  • The candidate should be able to demonstrate both technical capabilities and in-depth knowledge of various security and network concepts, technologies and best-practices. 
  • The candidate should have the ability to convey in non-technical terms complex technical explanations related to problems, designs, etc. 
  • 5+ years of firewall configuration experience to include:  
  • Policy, NAT and VPN (L2L, RA, SSL) configuration 
  • Palo Alto and Cisco ASA experience a plus 
  • 5+ years of cisco routing and switching experience.   
  • Should have excellent understanding of L2 &L3 
  • 3-6 years of experience in overall IT network and security engineering and support 
  • Must be comfortable with Linux and command line tools/troubleshooting RHEL. 
  • Should have solid understanding of SSH port forwarding.  
  • Good understanding of security technologies such as firewall, load balancing, proxy, authentication methods 
  • Technical experience with SNMP based monitoring systems and working knowledge of such systems is highly desirable (Nagios, Grafana, zabbix) 
  • Troubleshooting know-how of network and security systems with minimal guidance is required. Low-level (packet-level) network and application protocol analysis and troubleshooting experience is required. 
  • Excellent oral and written communication and documentation skills are essential. 
  • Should provide examples of written documentation 
  • Should provide example of any network diagrams they drew or maintain. 
  • The successful candidate will need to have a good understanding of industry leading network and security technologies from a design, engineering, and troubleshooting perspective. 
  • Among these technologies, knowledge of Arista network design, configuration and troubleshooting is a definite plus 
  • Provide technical support for the network, security and monitoring systems. 
  • Assist other Infrastructure engineers with network / security related issues. 
  • Share the responsibility for operational support issues and ad-hoc request processing. 
  • Opening support cases with various hardware / software vendors, telecom providers / carriers and work on the cases through complete resolution. 
  • Work / coordinate with end users, as needed. 
  • Provide after-hours and weekend support as per the On-call schedule and/or as needed. 
  • Provide technical support for the network, security and monitoring systems. 
  • Work with internal and external IT auditors to provide necessary audit evidence and documentation (SOX, PCI, CyberSecurity) 
  • Manage the monitoring system(s) for the network and security infrastructures, develop monitoring requirements, maintain alerting and escalation policies, and produce periodic system health and utilization reports. 
  • Strong collaboration with other infrastructure teams, various application development groups, other members of global technical services, and with business unit representatives to oversee and coordinate new implementations, as well as providing ongoing support of applications in the network and security environment. 
  • Analyze the requirements, provide design and implementation recommendations in accordance to company’s standards and best practices, and provide the necessary documentation in the design, implementation, and system maintenance relevant to the applications. 
  • Enforce and follow policies and procedures for projects and task management, exercise best practices in system installation, configuration, redundancy, and system monitoring. 
  • Collaborate with the local/global IT teams to accomplish short- and long-term goals, manage the project plan and execution processes, and actively participate in all project phases. 
  • Manage the remediation of the network and security environment issues on a regular basis in order to meet all business requirements. 
  • Knowledge of scripting languages such as Perl or Python is a definite plus 
  • Knowledge of configuration automation tools like Ansible, Puppet or Chef 

 

Network Security Engineer - Case Study

  1. You get a call in the middle of the night that there is a production outage, checkout is not working and they believe it’s a network/firewall issue.  Walk me through the questions you would ask and your troubleshooting methodology.
  2. You are troubleshooting a new VPN issue; the tunnel is not establishing.  Walk me through the questions you would ask and your troubleshooting methodology.
  3. You are troubleshooting an ssh  connectivity issue between two servers. The user is claiming this used to work. Walk me through the questions you would ask and your troubleshooting methodology. 
  4. Your troubleshooting an ssh connectivity issue to a server.  You see the originating syn, but never see a connection establish and eventually firewall logs a syn-timeout.   Walk me through the questions you would as and your troubleshooting methodology. 
  5. You are asked to deploy a rule that allows server X to any destination and any service.   How would you handle that request?  
  6. Provide two sanitized examples of network diagrams you personally developed.
  7. Provide two sanitized version of documentation you personally wrote.

  Apply Now