The Network Security Engineer with Zscaler Exp (Level 3) is responsible for analyzing, designing, installing, configuring, supporting of network and network security infrastructure and application components.
* Maintain a thorough understanding of Local Area Networking and WAN.
* Designing, deploying and supporting Zscaler Cloud based Infrastructure across various Data Centers and Disaster Recovery environments
* Manage and configure Bluecoat, ZScalar proxy devices
* Migrating the policies from on premise Bluecoat to Cloud Based Zscaler Proxy service in tandem with various application owners.
* Understand the Traffic Flows for both Https (web Traffic) standard and custom application-based traffic and accordingly design solution around it for Firewalling and Proxy services.
* Whitelisting IP space for various Project team to access external vendors access to ensure safe and secure connectivity.
* Work on Palo Alto Zone based Firewalls to create Zones and Policies for various segment of the network and accordingly troubleshoot any connectivity issues thereof across various Security Zones viz – DMZ, DAZ, BEZ, userDMZ, User Zone etc.
* Assist in the design of multi-server environments including IP address schemes, DNS, WINS, Ether-Channel (Bonding), etc.
* Provides network systems Engineering support to users for
- Cisco ASA, Checkpoint and Palo Alto Firewalls
- F5 Big IP load Balancers
- Blue Coat Proxy
- Cisco Routers, Cisco Switches, Wireless Devices
- InfoBlox IPAM
- AWS Infrastructure Exp. is good to have
* Managing assigned projects and program components to deliver services in accordance with established objectives.
* Work with internal applications teams and design and implement appropriate network solutions
* Provide Technical Support for issues escalated by Level 2 Operations
* Maintain a thorough understanding of the basics behind the Internet and its workings (DNS, Security, IP Routing, HTTP, VPN, Email Routing, SPAM, etc.)
* Coordinates activities with other system areas and vendors, and deals with network security systems planning, upgrading, monitoring, testing and servicing.
Job Types: Full-time, Contract
Salary: $100,000.00 to $125,000.00 /year
- Network Security Engineer with Zscaler: 5 years (Required)
- More than 1 year
Full Time Opportunity:
Last 90 Days
- Experience with any of the following Firewalls: Cisco ASA, Palo Alto Networks, Forcepoint StoneSoft, and McAfee Enterprise Firewalls
- Experience with any of the following router/switches: Cisco ASR, HPE Comware, HPE ProCurve, Arista
- Experience with network design for Hadoop, VMware, and Windows/Linux environments
- Comfortable working with other division network teams to identify connection points
- Experience with the management, configuration, change control, and incident resolution using JIRA, Gitlab confluence
- Strong level of knowledge with LAN switching and VLANs including VRF’s
- Experience with deploying and maintaining network-monitoring tools, such as Whats UpGold
- Working knowledge with Netflow and SNMP for monitoring the enterprise
- Experience with OSPF, OTV, STP, VRRP, LACP
- Experience with port security
- Experience with VMware vSwitches and Distributed vSwitches
- A minimum of a IAT Level II (DoD 8570.1M) certification is required: e.g. GIAC Security Essentials - GSEC; CompTIA Security+ CE; Security Certified Network Professional - SCNP; Systems Security Certified Practitioner - SSCP
The majority of work will be performed in Chantilly, Virginia, which is located approximately 25 miles west of Washington D.C., near the Dulles International Airport. The selected Network Engineer will support a 6+ year contract that General Dynamics recently secured.
- The candidate should have network engineering and administration background
- Candidates on a daily basis will work closely with a team of System Engineers and Administrators to maintain and enhance the customer’s Insider Threat big data security analytic network. Additionally you will work with external customer networks to identify ways to integrate and route data off their networks
- Candidates should be capable of designing and implementing unique network solutions in a cross-domain environment
- Candidates should be comfortable with identifying and implementing routing changes on perimeter firewalls
- Candidates must be comfortable with independently designing and identifying network optimizations and implementing network changes
- Must have strong network routing and troubleshooting experience. A strong candidate will have worked in a multi-vendor network with various routing equipment including firewalls
- You will plan for network upgrades and work closely with team leads to forecast hardware procurements
- You will have direct influence for future network design and implementations and the system scales and grows
- Candidates must be self-starters, comfortable with spending time in a data center, and have the aptitude to work independently
- Work closely with technical and non-technical Insider Threat Subject Matter Experts (SMEs) to identify risks to the infrastructure and implement design controls to mitigate
- Meet frequently with other division network engineers to develop a plan of action for integration
- Work closely with System Engineering team to deploy new servers and participate in the design of new distributed infrastructures such as Hadoop
- Create and update network diagrams (Visio)
- Monitor router and firewall performance and remediate throughput issues
- Patch and update router and firewall hardware
- Identify single points of failure and comfortable developing and implementing a plan of action to mitigate
- Examine current hardware and system designs to mitigate security findings
- Develop and maintain change management plan
- Write A&A documentation and ensure the systems operate in accordance with these security plans
- Designs and plans network systems
- Provides specifications and detailed schematics for network architecture
- Provides specific, detailed information for hardware and software selection, implementation techniques, and tools for the most efficient solution to meet business needs, including present and future capacity requirements
- Provides technical analysis in data network planning, engineering, and design
- Provides analysis for implementation techniques and tools for the most efficient solution to network problems
- Maintains technical expertise in all areas of network and computer hardware and software interconnection and interfacing, such as routers, multiplexers, hubs, bridges and gateways, etc.
- Coordinates third party maintenance for network equipment and troubleshoots problems with department users and department network administrators
- May develop uniform operation procedures
- Conducts testing of network systems
- Evaluates and reports on new network technologies to enhance capabilities of the network
- Subject matter expert (SME) in one discipline/field and developing working knowledge in adjacent disciplines/fields
- Fully proficient and able to perform all responsibilities associated with the position
- Grasps and applies new information quickly
- Fully proficient ability to handle more complex assignments
- Develops solutions to a variety of difficult problems of considerable scope and complexity, using established precedents and policies
- Complete understanding and wide application of technical principles, theories and concepts in the field
- Contributes to completion of specific programs and projects
- Work is reviewed upon completion for adequacy in meeting objectives
- Independently determines and develops approach to solutions
- Solutions are imaginative, thorough, practicable and consistent with organization objectives
- Works under general direction
- Represents organization in providing solutions to difficult technical issues associated with specific projects
- Frequent inter-organizational and outside customer contacts
- Failure to obtain results or erroneous decisions or recommendations would typically result in serious program delays and considerable expenditure of resources
- Shows initiative on assignments, exercises independent judgment and professionally executes projects with little direction
- Contributes to the completion of specific programs or projects
- Requires fully proficient analytical, research and project management capabilities
PREFERRED DEGREE TYPES AND EXPERIENCE:
- DoD 8570.1M IAT-II compliant
- Network certification preferred (E.g. CCNA)
- Experience with COOP and datacenter failover is a plus
- Experience with Cross Domain Solutions (CDS) is a plus