Perimeter Security Engineer
Job ID: 110164
Location: Albuquerque, NM [Remote]
Salary: $53.00 - $55.00 Hourly
Category: Infrastructure
Employment Type: Contract
Our client is seeking a highly skilled a Cybersecurity Engineer to support Perimeter Release & Deployment (new deployments of Security Systems in support of high-profile projects) and Lifecycle Management Refresh initiatives (Upgrading Hardware and Software to mitigate End-of-Life equipment or Non-Permitted Technologies). The Perimeter Engineer candidate will support technical initiatives addressing strategic projects and BAU work. Responsibilities include technical planning, logistics, and successful execution to achieve annual commitments and targeted schedules while incurring zero impact to the network. Work types include but are not limited to deployment of new secure environments, increasing capacity, hardware and software refreshes, migrations and decommissions.
The candidate will require knowledge and real-world experience with Firewalls and IDS/IPS’s to deliver on the technical needs of this position. Seeking a polished Engineer with excellent written and oral communication skills. Must have a proven track record interacting with various levels of management, clients, and technical team members to plan and deliver technical Perimeter solutions.
The candidate must possess the ability to analyze and understand a variety of existing and evolving requirements and interact with peer technology teams to effectively deliver on business needs. This position will require the ability to manage multiple technical project engagements requiring the candidate to be a team player that can also work independently to manage multiple deadlines, priorities and a diverse set of applications and requirements.
Key Responsibilities:
- Responsible for Release & Deployment project delivery and Lifecycle Management activities. Performs technical assessments to fully understand a variety of complex technical requests, vetting of the proposed solution, plan development, scheduling, and the implementation of these changes, which delivers the intended outcome along with zero impact to the production network.
- Detailed implementation plans will be reviewed for all designs, pre and post validation procedures, UAT acceptance criteria, and back-out plans. Candidate must understand how designs turn into implementation, and those implementations to be based upon standards and predefined runbooks.
- Operate quality assurance functions prior to each implementation to meet engineering standards and mitigate risks. Proactively raise questions and/or concerns to the Design Engineering team to address them prior to change implementation.
- Build and Operate various Firewall platforms (Fortinet, Checkpoint, TippingPoint IDS/IPS) and respective management systems.
- Adheres to work effort and project close-out practices such as database updates, asset tracking, inventory systems, records retention, and the related systems, tools, and process updates.
- Works with Perimeter Security Architecture and Engineering Teams to share knowledge in support of new technology adoption, systems enhancements/automation, or process changes. Identify opportunities to improve service delivery and objectively measure the effects of these efforts over time.
- Ability to work nights and weekends as required to support implementation activities.
- Understanding of the Bank’s Network Infrastructure and associated Risk Management practices are highly recommended to remain successful.
- Knowledge of DMZ Networking and Cisco Routing/Switching is a plus
Required Skills:
- Ability to work nights and weekends as required to support implementation activities.
- Building/operating various firewall platforms including Fortinet and Check Point
- Excellent oral and written communication – must be able to communicate at all organizational levels. Strong communication skills to work with senior management to provide status updates, deliver requirements and report details at correct level.
- Strong attention to detail and ability to follow an existing refined process, while also seeking continual improvements. Assess and advise of solutions to improve processes.
- Strong analytical, problem solving, and organizational skills required.
- Proven ability to effectively collaborate with others, make decisions to initiate action, and adapt to change.
- Bank experience highly recommended along with comprehensive knowledge of business unit’s functions.
- Proactively engage to assess readiness and ensure zero impact from changes.
- Leadership skills during technical troubleshooting triages – strong analytical skills.
- In depth engineering experience in perimeter solutions, including the design, low level engineering, and delivery of new hardware systems for client applications across the enterprise DMZ.
- Development and maintenance of High Level and Low-Level Design diagrams/documentation.
Desired Skills:
- Experience with FortiManager, FortiAnalyzer, and Check Point Provider 1 Management Systems (Smartview Manager and Tracker).
- Experience with IDS/IPS products (i.e. TippingPoint and Fortinet).
- Strong knowledge of network routing/switching (routing protocols, multicast, other LAN protocols).
- Functional understanding of diverse set of networked applications requiring perimeter management solutions, including HTTP, HTTPS, SSH, FTP, DNS, NTP, ANYCAST services, and others.
- DMZ Network infrastructure knowledge including topology, security policies, firewalls and the L2/L3 switch and router infrastructure.
- Programming skills a plus: sh, Perl, Python, Golang, C, C++.
- Administrator level ability with UNIX (Linux or another variant) is highly desirable.
- Bachelor’s degree or equiv8 years of IT experience with Firewall solutions (building FWs from scratch).