Network Security Engineer

Firewall Replacements End of Life hardware.

• Verification of Bill of Material, receive / Inspect / Burn-in the newly received hardware
• Identify power requirement, cabling and space requirements for the hardware
• Create a low level design documentation, including host names as per Naming Convention Deployment Guide Lines (DGL), Interfaces Mapping,
• Review Networker and iServer for the End of Life (EOL) devices to be replaced
• Review Switches and Routers for port availability and check routing configuration, etc. (consult with GNS Engineering)
• Develop a Cable Patch schedule for the Firewall Cluster
• Create and Prepare NetAppls entries
• Review Console cabling setup for the new devices
• Create Service Now Request to Rack / Stack and cable devices
• Verify Console Access of the newly installed devices
• Check the OS version of the new Firewalls.
• Build the Firewalls with the proper OS as per DGL.
• Create the base configuration for the Firewalls
• Create Service Now Change request couple of weeks in advance to provide application owners time to support pre & post testing
• Attend CAB Meetings to support Changes by Local DB Party
• Finalize pre-prod configuration of the firewalls.
• Bring the firewalls into pre-production status
• Cutover the new Firewall Cluster as per DGL
• Install the Firewall Policies on the new Firewall Cluster
• Perform failover & stability tests of the new setup
• Wipe clean configuration from old devices and remove from datacenter
• OS (Operating system) upgrades
• Co-ordinate with PM on all activities related to OS upgrade and Testing
• Co-ordinate with Application Owner to perform Pre and Post Testing
• Create Service Now Requests to upgrade the Firewall OS from R80.40 to R81.20 or any new version as dictated by Engineering and agreed by PM using the CDT tool
• Attend CAB Meeting to ensure changes are approved
• Contact Application Owners to perform pre and post testing
• Perform the cut over and upgrade the Firewall OS
• All firewall changes must comply with DB 4-eyes process and be accepted by engineering.
• Sign off from Network Operations and clients must be obtained before closing change, where applicable.

GDC support of daily firewall deployment tasks

Must Have :

Experience working in a corporate global network environment with an emphasis on Network Security

Excellent communication skills both written and verbal

Awareness of change practice procedures and compliance / adherence

Able to work / collaborate as a member of a team or individually

Ability to work in a pressurised time critical environment

Exhibit a high degree of integrity

Self-starter and disciplined in your approach to work

Firewall-1 / VPN-1 up to and including vR81

CCSA certified

Provider-1 Smart Domain Manager

Check Point / Cisco / Juniper solution provision

Check Point / Cisco / Juniper troubleshooting

Check Point management server configuration and support

Proxy platform troubleshooting including McAfee and Bluecoat

McAfee, NSM experience

Nice to Have : CCSE Certified

Cisco Certified - CCNP (Network or Security)

ITIL v3 Foundation certified

Project management awareness

Awareness or experience of finance industry related privacy or regulatory procedures and standards"