Network Security Consultant

Contenido de trabajo

Things You Need to Have:

· University degree in Information Security, Computer Science, Information Technology, Engineering and/or related fields with at least 10+ years of experience.

· Demonstrated understanding of Information Security, Endpoints, and Networking operations, integrations, processes, and management concepts

· Demonstrated technical knowledge of current network security, network hardware, protocols, and standards

· Technical “hands-on” experience deploying and administering Network Security tools like IDS/IPS (Intrusion Detection System/ Intrusion Prevention System), Web traffic inspection, Network Access Control solutions, Network Traffic Monitoring & Analysis tools etc.

· Good understanding of Technical Network controls like Firewalls, IPS/IDS, Network Device ACLs, Network isolation and segmentation, redundancy, communication encryption, VPN protocols, URL & DNS filtering etc.

· Previous experience conducting Network security analysis with tools like Wireshark, NetFlow, Darktrace, Splunk as well as security review with Network Configuration Management tools like ManageEngine for identifying security baseline deviations

· Understanding & knowledge of Cloud integration models; Software Defined Networking (SD-WAN); Secure Access Service Edge( SASE), Zero-Trust Network etc.

· Experience with SIEM/SOAR, NDR, EDR, VM, and Data Security solutions and concepts

· Experience with vulnerability management tools such as Nessus, Nexpose, Qualys etc.

· Experience with Identity and Access Management (IAM) and Privilege Access Management (PAM) solutions and concepts is a plus

· Knowledge of Active Directory is a plus

· Knowledge and experience in working with network security technologies from vendors like Palo Alto, Okta, Zscaler, Juniper, Cisco

· Must have foundational Network security certifications like Cisco Certified Network Professional Security (CCNP Security) or CCIE security Certification

· Industry recognized certification in security (e.g., CISSP, SSCP, CEH, OSCP, etc.)

· Vendor Security certifications from Microsoft and AWS is a plus

What you will be doing:

Our client is looking for a Network Security Consultant to join their Information Security team. This will be a hand on resource focused on architecting and configuring vendor agnostic IPS functionality, Next Generation Firewall features and deploying deep learning for evasive Threat Detection. The chosen candidate will be responsible for deriving organization-wide security solutions including configuration, architecture, design, threat response framework, and oversight of security projects in general. The role will entail working and building on security service catalog incorporating Information Security best practices and ensuring specific service adheres to regulatory compliance and security constraints. Successful candidate will work closely with cross-functional teams in delivering security solutions and collaborating with 3rd party vendors to implement technology driven solutions.

The position will be based in Regina (on-Prem). Other work options can be considered, bur preference will be given for Regina based qualified candidates.

· Manage network security devices such as Cisco FTP/FMC, IPS functionality and firewall configuration.

· Act as a subject matter expert & promptly engage and triage problems based on received Security alerts, related to Cisco IPS and next generation firewall functionality.

· Review existing IPS functionality; identify security configuration gaps and anomalies; monitor application traffic flows to determine IPS friendliness; design and provide roadmap to implement a supported service based on security best practices

· Implementing, configuring & designing network security services that support emerging and existing technologies.

· Review existing network security architecture (Cisco) and create documentation with reference to design and configuration templates, operational processes, and both high level and low-level design documents.

· Lead, manage and develop security solutions surrounding network infrastructure to include, LAN/WAN, Software Defined Networking, NGFW, Wireless topologies, IPS/IDS, Web Application Firewall (WAF), Voice and Video solutions, and VPN’s.

· Work with Security Operations team to manage vulnerabilities in the environment.

· Designing new security controls driven by innovation, automation and standardization to streamline security processes.

· Provide directions, guidance to operational members when dealing with network access controls (NAC), data loss preventions (DLP) mechanisms, privilege usage management (PUM), security information and event management systems (SIEM).

· Ensure security compliance with established networking standards with reference to architectural topologies and modification requests to existing designs.

· Build roadmap and frameworks of existing security & network architectures in relation to datacenter replications, monitoring and management of security controls, disaster recovery process from a security standpoint and network security compliance.

· Collaborate with Cloud Security Architect in building the organization security strategy for workloads on On-Prem and Cloud premises.

· Partner with cross functional teams with the organization and external vendors on approaches and deployment strategies to support, document and enforce security standards with emphasis leveraging automation where possible.

· Assist operational resources to troubleshoot complex issues spanning multiple infrastructure domains.

· Adopt infrastructure security technologies with reference to zero trust architecture with potential to scale security policies and enhance security processes.

· Documentation of the existing network framework and architecture deployed in the organization with identification potential security risk areas and proposal for improvements or recommendation of alternatives technologies.

· Review, understand and evaluate business applications and provide design recommendations in relation to network security architecture to determine feasibility, risks and potential impacts.

· Manage and triage network security architecture risk mitigation with reference to business impacts and continuity.

· Configure and Architect network security infrastructure and applications to include multifactor authentication designs, accounting, and emerging network and security technologies with identifiable use cases within the organization

· Perform detailed security analysis of network communication anomalies or security risks from changes to network device configurations, document and report these risks and follow up with appropriate resources to remediate those

risks.

· Provide guidance for proactive controls based on SANS 20

· Participate in security reviews of new services to ensure that end products meet Operational security requirements

· Lead incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and extent of the damage