Lead Network Security Engineer

Job Description

This position follows our hybrid-friendly schedule, so you get the best of both worlds – flexibility and collaboration. In office days will be 2-3 per week averaging 10-12 days per month.

Job Summary :

The Lead Network Engineer is responsible for managing, designing, and improving RJ’s enterprise network, with a focus on NAC (Forescout / ISE) and routing and switching functions. He or she will assist network architects with design and implementation of network technologies. This role is responsible for senior level network engineering implementation and providing guiding principles and technical leadership to peer engineers, proactively taking technology project delivery from 0 to 100% with little to no supervision. General duties include leading the buildout of solutions and driving innovation for implementation of new modern technologies in the enterprise network. Partners with management and peer engineers to drive infrastructure modernization projects to completion and provides Tier3 technical support using extensive expertise to take on work assignments the team is engaged in. Strong people skills and the ability to balance / prioritize between multiple tasks and projects are essential. This position involves routing and switching and network firewall implementation projects for both on-prem and cloud infrastructure.

Responsibilities :

Primary focus is to implement technologies or changes to existing technologies as identified and designed by the architecture team.

Researches and recommends innovative technologies and approaches for enterprise infrastructure management, upgrades, or improvements.

Utilize and integrate network components such as switches, routers, firewalls, wireless AP / Controllers, SDN fabric components, load balancers, Network Access Control (NAC) servers and cloud infrastructure network elements.

Proactively identify and implement network improvements to assure the performance, resiliency, and redundancy of the network.

Utilizes blueprints to engineer solutions and adhere to enterprise standards (engineering focused, architecture supported).

Take disaster recovery and business continuity plan aspects into consideration for any new technology implementation or change.

Provides ad-hoc support for incidents requiring T3 level resources (engineering / architecture) and knowledge.

Use Microsoft Visio to produce and maintain documentation with regards to implementation of new systems or system changes

Participate in 24x7 on call rotation for SME T3 support requirements as needed.

Maintains service level agreements of departmental metrics, key performance indicators and adhering to strict project timelines.

Maintain / Improve security posture, promptly addressing issues, vulnerabilities, and security requirements according to regulatory guidelines (PCIDSS, PII, CIS, NIST)

Work collaboratively across a variety of business units to implement new technologies.

Coordinate and take lead of assigned projects in all technical and communication aspects.

Lead engineering peers towards achieving common goals in assigned projects.

Coach peer engineers and effectively perform knowledge transfer / cross training activities.

Provide technical leadership as an SME or as part of an Information Technology (IT) project.Lead in detecting and analyzing security incidents, including attacks, breaches, and identified vulnerabilities, and remediate any security gaps in line with the security incident management procedure.

Explore and develop a detailed understanding of external developments or emerging issues and evaluate their potential impact on, or usefulness to, the organization.

Provide fault isolation and resolution for complex challenges to limit and address issues promptly.

Discuss and recommend more complex or innovative technical developments to improve the quality of the website / portal / application software and supporting infrastructure to better meet users’ needs.

Act as subject matter expert in an area of technology, policy, regulation, or operational management for the team. Maintain external accreditations and in-depth understanding of current and emerging external regulation and industry best practices through continuing professional development, attending conferences, and reading specialist media.

Skills :

Experience in network design, implementation, and documentation of medium-large scale enterprise networks (10,000 users)

Experience using cisco enterprise technologies - CCNP Enterprise (R&S) knowledge level required, CCIE nice to have.

Knowledge of Layer2 LAN technologies (STP, VLANs, VTP, LACP)

Knowledge of modern high availability technologies (VPC, SVL, HSRP, VRRP)

Knowledge of routing protocols concepts (BGP, EIGRP, OSPF)

Experience with Forescout technologies.

Deploy and maintain Forescout NAC appliances in an environment of over 10,000 assets

Expanded Forescout capability through modules and security stack integrations (vCenter, Service Now, Qualys, Palo Alto, etc.)

Troubleshoot various types of issues with the Forescout platforms (authentication, 802.1x, quarantine VLANs, network reachability, logging, etc.).

Develop and maintain enforcement and posture policies

Create dashboards and automated reporting

Develop and maintain enforcement and posture policies

Create dashboards and automated reporting

Experience in designing, implementing and maintaining data center spine leaf fabrics (Arista / Cisco).

Experience with Cisco DNA Center

Experience with SDWAN technologies (Cisco, Palo Alto ION)

Experience with Cisco Wireless technologies in a large enterprise environment (Cisco WLC, FlexConnect, CAPWAP)

Works independently and provides guidance and training to others on analyzing data trends for use in reports to help guide decision making.

Acts as the organization's authority and established expert on understanding and using standard office equipment and standard software packages to support business processes.

Uses comprehensive knowledge and skills to work independently while providing guidance and training to others on developing appropriate plans or performing necessary actions based on recommendations and requirements.

Works at an advanced level to utilize the appropriate modeling tool(s) to diagram the requirements from data and state changes, process and process improvements, as well as use cases and user stories. Typically works independently and provides guidance.

Uses comprehensive knowledge and skills to work independently while providing guidance and training to others on planning, organizing, prioritizing and overseeing activities to efficiently meet business objectives.

Works independently and provides guidance and training to others while interpreting and applying comprehensive knowledge of laws, regulations and policies in area of expertise.

Uses comprehensive knowledge and skills to act independently while guiding and training others on monitoring, diagnosing and fixing technological problems.

Uses comprehensive knowledge and skills to act independently while guiding and training others on maintaining the security, integrity, compliance and continuity of IT systems and services.

Works at an advanced level to conduct gap analysis between current and future states to identify components of the overall change strategy. Typically works independently and provides guidance.

Licenses / Certifications :

Strongly Preferred : CCNP Enterprise (R&S), Arista ACE L3, Forescout Certified Professional (FSC)

Desirable : CCIE, PCNSE, CISSP, CISM, CISA, CRISC

Education

Bachelor’s : Computer and Information Science, Bachelor’s : Information Technology

Work Experience

Manager Experience - 13 months to 3 years

Certifications

SANS Offensive Security Certification - SANS Institute

Travel

Less than 25%

Workstyle

Hybrid

At Raymond James our associates use five guiding behaviors (Develop, Collaborate, Decide, Deliver, Improve) to deliver on the firm's core values of client-first, integrity, independence and a conservative, long-term view.

We expect our associates at all levels to :

• Grow professionally and inspire others to do the same
• Work with and through others to achieve desired outcomes
• Make prompt, pragmatic choices and act with the client in mind
• Take ownership and hold themselves and others accountable for delivering results that matter
• Contribute to the continuous evolution of the firm

At Raymond James – as part of our people-first culture, we honor, value, and respect the uniqueness, experiences, and backgrounds of all of our Associates. When associates bring their best authentic selves, our organization, clients, and communities thrive. The Company is an equal opportunity employer and makes all employment decisions on the basis of merit and business needs.

LI-EB1