Senior Network Security Engineer

Job title: Network Security Engineer

Job location: New York, New York ( hybrid- 3 days onsite)

Job type: Contract W-2 (Sponsorship offered)

Cisco Firepower, Fortinet and Palo Alto firewalls, Splunk, Qualys

A global bank is seeking a Network Security Engineer to join their New York office. The Network Security Engineer must have hands-on experience in network security management. Lead the design and administration of network security infrastructure, focusing on critical components including DNS, F5 Load Balancers, Fortinet and Palo Alto firewalls, VPNs, proxies, Remote Access and DMZ connectivity. Network Security Engineer must bring extensive experience managing Cisco Firepower, Fortinet and Palo Alto firewalls, including DMZ design implementation.

Responsibilities:

Infrastructure Oversight: Lead the design and administration of network security infrastructure, focusing on critical components including DNS, F5 Load Balancers, Fortinet and Palo Alto firewalls, VPNs, proxies, Remote Access and DMZ connectivity.

Technology Initiatives: Drive technology projects aimed at enhancing cybersecurity and improving network performance in alignment with organizational goals.

Continuous Monitoring: Ensure optimal network performance through continuous monitoring, dashboard creation, promptly addressing any security incidents.

Documentation Management: Maintain comprehensive documentation, including network security asset inventories, diagrams, procedures and vendor contacts, to support operational efficiency and facilitate effective communication.

Cross-Department Collaboration: Collaborate with infrastructure teams to resolve network-related challenges and ensure seamless operations across departments.

Audit and Security Coordination: Work closely with audit and IT Security teams to provide necessary documentation and implement remediation plans as required.

Staff Mentorship and Training: Mentor and train junior engineering staff, fostering a culture of growth and skill development within the network team.

Vulnerability Assessments: Conduct vulnerability assessments and manage patching processes to effectively mitigate and report security risks across the AMER region.

Security Reporting: Develop and deliver regular security reports to Leadership, highlighting key metrics, incidents, and trends to inform strategic decision-making.

Tool Proficiency: Proficient knowledge of security tools such as SIEM, Splunk, Centreon and Qualys for effective monitoring and incident response.

Skills:

• Extensive understanding of network technologies – L2, L3, VXLAN, BGP, LAN/WAN/VPN
• Extensive understanding of security technologies such as firewall, load balancing, proxy, authentication methods
• Strong knowledge of DNS/DHCPWSG (Web Security Gateways), Proxy-pac scripting
• Troubleshooting knowledge of network and security systems with minimal guidance is required.
• OSI Layer 4 and Layer 7 protocol analysis and troubleshooting experience is required.
• Ideal candidate must have a strong understanding of Zero Trust Architecture and Network Access Control design for enterprise network infrastructure design, and troubleshooting.

Interested in opportunities specifically in United State? Discover our dedicated Visa Sponsorship Jobs in United State page featuring roles from top employers in this location.

• Among these technologies, knowledge of Arista and Cisco design, configuration and automation is a definite plus
• Knowledge of scripting languages such as Python, PowerShell, or Ansible.
• Knowledge of Ansible Scripting is a plus

Education:

Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field; Master's preferred.

8+ years of hands-on experience in network security management, preferably within the financial services industry.

Extensive experience managing Cisco Firepower, Fortinet and Palo Alto firewalls, including DMZ design implementation.

Relevant certifications such as Fortinet NSE 4/5, Palo Alto Networks Certified Network Security Engineer (PCNSE), Cisco CCNP Enterprise and CCNP Security is a plus. Highly desirable CISSP, CISM.