Network Security Engineer

Network Security Engineers provide technical and project management leadership for the planning, design, and implementation of information system security solutions, procedures, and policies that help First Financial Bank achieve its information security goals and objectives. Network Security Engineers provide knowledge and experience within the Information Systems (IT) Network Security discipline. Emphasis will be placed on the design, operation, and management of network intrusion detection and prevention systems, endpoint security solutions, and security monitoring systems. They should also have knowledge of enterprise IT security best practices, TCP/IP networks, and network security architectures. A working knowledge of network firewalls, VPN solutions, endpoint security solutions, and wireless LAN (802.11) security protocols is also required. Network Security Engineers maintain and regularly update their knowledge of emerging information security solutions and will work with the company s external and internal business partners to properly secure their systems and applications. Network Security Engineers will be tasked with a large number of projects and programs. The team must have the ability to manage priorities and multitask while engaged on multiple projects. The ability to complete projects on schedule is also essential. Network Security Engineers will be expected to innovate by developing new and better ways to address security challenges in a continuously evolving field of technology.

Essential Functions/Responsibilities:

Configuration, administration, and operation of network security systems (90%)

• Cisco ASA 5000 Series
• Cisco Firepower sensors, NGFW/NGIPS, and Firesight Management Center consoles
• Network Access Control using dot1x and Cisco ISE
• Certificate based authentication
• Virtual Private networks
• PCAP analysis
• Manage security engineering projects

Secondary duties as assigned (10%)

• Malware and antivirus detection and removal systems
• Media and data encryption applications and systems
• Web content filtering and data inspection systems
• Email spam filters and content inspection systems
• Security event logging and monitoring systems
• Security incident response and resolution: Investigations and reports, including the use and support of computer
• Forensics tools (e.g., Encase)
• Vulnerability management and testing systems
• Evaluation, implementation and operation of new security solutions

Minimum Knowledge, Skills, and Abilities Needed to Perform Essential Functions of the Job:

• Must have an advanced level knowledge of Cisco ASA configuration, administration, and troubleshooting. This includes advanced command line knowledge. Knowledge of access-lists, NAT/PAT, inspection, object groups, and stateful failover should be at an advanced level.
• Knowledge of Cisco SSL VPN technology including AnyConnect 4.x should be at an advanced level.
• Must have advanced knowledge of Cisco Firepower 5.x or 6.x. This includes advanced knowledge of intrusion policies, access control policies, signature tuning, and event review.
• Experience remediating security issues, patching and upgrading network security systems, and performing major upgrades to network security systems.
• Experience responding to security incidents and conducting network forensics.
• Advanced knowledge regarding TACACS, RADIUS, dot1x, and certificate-based authentication. Management of Cisco ISE is required.
• Advanced knowledge of Netflow
• Advanced knowledge of data networking including TCP/IP, packet analysis, routing, switching, etc.
• Strong ability to learn new skills

Preferred Knowledge and Skills:

• Knowledge of endpoint security products such as encryption, antivirus, and antimalware products.
• Knowledge of products used for security scanning and testing
• Knowledge of Splunk Enterprise, syslog, and SIEM products
• Identity management
• Data loss prevention (DLP)

Level of Complexity and Scope:

• Manage a complex environment of network security controls.
• Tightly integrate network security systems with leading edge networking devices (routers and switches) managed by the Network Services team.
• Detail oriented approach to project management and implementation
• Work closely with the Director of Information Security Technology and level 4 engineers to architect network security solutions

Degree of Independence and Decision-Making:

• Must be able to work independently on tasks and work with more senior members of the team to improve processes in the Security Engineering team.
• Must be a self-starter, seek opportunities to make improvements, and recommend solutions to senior members of the team and management.