Network Security Engineer

Hi,

This is Amit Kumar from Redleo Software Inc. Please review the job description below and contact me at xxxxxxxxxxxxxxxif interested.

Position : Network Security Engineer
Employment : Long Term/Contract
Location: Onsite/ New York, NY 10020 
Interview Format: In Person Interview

Title: Network Security Engineer 

Interview will be onsite & face-to-face. 
Must have recent banking client exp
Must Have : 15+ Work Experience 
Location: Full Onsite in either or both Midtown or/and Downtown office 

Job description: 

Job Summary 
We are seeking a dynamic and highly skilled Network Security Engineer to join our team. In this pivotal role, you will be responsible for designing, implementing, and maintaining robust network security measures across diverse IT infrastructure environments. Your expertise will ensure the confidentiality, integrity, and availability of our organization’s data and systems. This position offers an exciting opportunity to work with cutting-edge security technologies, influence security policies, and respond proactively to emerging threats. If you thrive in a fast-paced environment and are passionate about safeguarding digital assets, we want to hear from you! 

Description (must have) 

·         Hands-on Palo Alto design&Architecture, configuration, deploy&management experience

·         Strong Network Security Framework knowledge & experience 

·         Strong Cisco ACI, Palo Alto Firewall, Fortinet (Replacing Cisco ASA) 

·         Microsoft Defender, Zscaler, Carbon Black 

·         Network: Replacing Switches, Vulnerability, VLAN, OSPF/BGP 

·         Network Security: Firewall (Palo Alto/Fortinet) - Rules, Upgrades, VPN, Logs, DLP and SOC 

·         Some physical work at datacenter

·         Must have recent banking client exp 

·         Duties

·         Develop and enforce comprehensive network security strategies aligned with industry standards such as NIST and ISOxxxxxxxxxxxxxxxto protect organizational assets.

·         Configure and manage network security devices including Cisco ASA firewalls, Cisco ISE for identity management, IDS/IPS systems for threat detection, and VPN solutions for secure remote access.

·         Conduct vulnerability assessments and penetration testing to identify potential weaknesses within LAN, WAN, SAN, and cloud infrastructure environments like AWS and Google Cloud Platform.

·         Monitor network traffic using SIEM tools such as Splunk or SolarWinds to detect suspicious activities, perform log analysis, and initiate incident response procedures promptly.

·         Implement system hardening techniques on operating systems including Linux (Debian, CentOS, Ubuntu), Windows, macOS, and UNIX variants to minimize attack surfaces.

·         Manage encryption protocols such as IPsec, SSL/TLS, PKI (Public Key Infrastructure), and FIPS standards to secure data in transit and at rest across diverse platforms.

·         Lead incident recovery efforts by executing disaster recovery plans, system security plans, and threat detection & response strategies in accordance with FISMA and FedRAMP compliance requirements.

Skills

·         Extensive knowledge of computer networking concepts including LAN/WAN architecture, routing protocols (OSPF, BGP), TCP/IP stack, DHCP/DNS services, and network protocols.

·         Hands-on experience with firewall management (Cisco ASA), network support tools (SolarWinds, PRTG), load balancing solutions, and high availability configurations.

·         Proficiency in scripting languages such as Python or Bash for automation of security tasks and system administration activities.

·         Strong understanding of vulnerability management frameworks like DREAD or CVSS; experience with vulnerability research and assessment tools.

·         Familiarity with cloud computing platforms (AWS, Azure) including cloud architecture design principles for secure deployment.

·         Knowledge of identity & access management (IAM), RBAC policies, SSO integrations (Active Directory), LDAP directories, GPOs, and open-source tools like Ansible or Terraform for infrastructure automation.

·         Ability to analyze network traffic using tools like Fiddler or Wireshark; conduct computer forensics; implement system security hardening measures; perform threat intelligence analysis.

·         Understanding of compliance standards such as PCI DSS for payment systems; experience with incident management frameworks like ITIL; adherence to SDLC processes for secure software deployment. Join us to be at the forefront of cybersecurity innovation! Your expertise will help shape resilient defenses against evolving cyber threats while advancing your career in a collaborative environment committed to excellence in information security.