Network Security Engineer@Newport Beach, CA - Diverse Linx

Role : Network Security Engineer

Location : Onsite - Newport Beach, CA

Job Description:

What are the top 3 skills required for this role?

1. Manage & Administer Checkpoint & Palo Alto firewall, Zscaler Proxy (ZIA , ZPA, ZDX) and Imperva WAF.

Configuration, Change, Problem Management and administration of following security technologies. Provide Level 1, Level 2 & Level 3 support for,

2. Daily service availability monitoring and validation proper collection of firewall logs.

Checkpoint & Palo alto firewall, Imperva WAF and Zscaler Proxy (ZIA, ZPA).

Configure / Tune / Administration of rules.

Device management / Firmware upgrade.

Implement remediation as per recommendation and guidelines from Security Monitoring service provider limited to capability of toolsets

Manage & Administer Checkpoint & Palo Alto firewall, Zscaler Proxy (ZIA , ZPA, ZDX) and Imperva WAF.

Configuration, Change, Problem Management and administration of following security technologies. Provide Level 1, Level 2 & Level 3 support for,

Daily service availability monitoring and validation proper collection of firewall logs.

Checkpoint & Palo alto firewall, Imperva WAF and Zscaler Proxy (ZIA, ZPA).

Configure / Tune / Administration of rules.

Device management / Firmware upgrade.

Implement remediation as per recommendation and guidelines from Security Monitoring service provider limited to capability of toolsets.

The candidate must provide high and detailed Low Level designs for network and security, implementation skills and combine technical intelligence with communication and presentation abilities. This canidate needs to have strong hands-on experience in Cisco networking and ideally experience with Cisco ASA and/or Palo Alto & Checkpoint Friewalls.. This postion requires canidate to do the specific device configuration of all networking equipment.

Candidate must be able to assume ownership of assigned task/project and make relevant deisng decisions needed to provide requested deliverable based on client requriements that meet the CIS Technical Standards.. . Works on advanced, complex technical projects or business issues requiring state of the art technical or industry knowledge. Works with overall Project management and timelines and communciation.

Maintain a thorough understanding of Local Area Networking and WAN.

Designing, deploying, and supporting Zscaler Cloud based Infrastructure across various Data Centers and Disaster Recovery environments.

Manage and configure, Zscaler proxy devices.

Understand the Traffic Flows for both Https (web Traffic) standard and custom application-based traffic and accordingly design solution around it for Firewalling and Proxy services.

Whitelisting IP space for various Project team to access external vendors access to ensure safe and secure connectivity.

Work on Palo Alto Zone based Firewalls to create Zones and Policies for various segment of the network and accordingly troubleshoot any connectivity issues thereof across various Security Zones viz DMZ, DAZ, BEZ, userDMZ, User Zone etc.

Assist in the design of multi-server environments including IP address schemes, DNS, WINS, Ether-Channel (Bonding), etc.

Provides network systems Engineering support to users for Cisco ASA, Checkpoint and Palo Alto Firewalls, SolarWinds IPAM

Daily operation supports of Firewall/Proxy including configuring, upgrade, rule creation and modification,

Monitors system resource allocation and utilization.

Setup and manage Site-to-site VPN connections

Perform tuning and optimization of firewalls and firewall policy.

Perform tuning and optimization of proxy and proxy policy.

Troubleshooting firewall/Proxy issues and Perform root cause analysis utilizing logs, and analytical tools.

Support technology refresh.

Support develop and maintain firewall/proxy related documentation.

Follow change process to prepare and review Firewall/Proxy changes.

Work with application teams and users to troubleshoot application/user access issues.

Managing assigned projects and program components to deliver services in accordance with established objectives.

Work with internal applications teams and design and implement appropriate network solutions

Provide Technical Support for issues escalated by Level 2 Operations

Maintain a thorough understanding of the basics behind the Internet and its workings (Security, IP Routing, HTTP, VPN, etc

Coordinates activities with other system areas and vendors, and deals with network security systems planning, upgrading, monitoring, testing, and servicing.

Perform the Customer facing role for security operational teams having knowledge & experience on security product and support on IT Security based services to a specified group of external global/corporate customers.

Provide a high level of technical support to our customers.

Triage, Review and implement standard security specific changes in line with Customer security policies and change control processes.

Own complex customer issues and see them through to resolution.

Take the initiative and advise our customers on how automation can enhance the stability and security of their solution.

Troubleshoot complex network environments and providing detailed analysis and fixing issues within contractual obligation and SLA.

Hold accountabilities for all operational and technical support within Security service operations.

Configure, plan, install, maintain, and optimize network systems, equipment, and applications ensuring network protocols and security policies are used effectively.

Ensure that all agreed communication, notification, updates are delivered in timely manner.

Knowledge of device health monitoring tools and systems.

Adhere to change and incident management process.

Collaborate with Account Managers and Business Development Consultants to build strong customer relationships.

Collaborate and share knowledge with other Engineers and Administrators on the support floor.

Managing network security infrastructure, including firewalls, proxies, web filters, ACLs, and network access control

Troubleshoot Network Performance issues

Remote Restarts of Component after Outage/Activities

Troubleshoot and resolve LAN/WAN, Internet/Extranet and Cisco ASA remote access VPN related network incidents involving Bluecoat Proxy, Checkpoint Firewall, Cisco AnyConnect VPN (Infra level), Proxy Zscaler, RSA (Infra level), Imperva WAF, Tufin, Backbox, and Performance Management technologies.

Additional Information:

1. Candidate should demonstrate his architect, automation and implement best practices that are being following the industry

2. Meeting the deadline is key factor to success

3. Communicate all the stakeholders proactively for technical and process related activities

12.00 Years of Experience