Network Security Engineer
1855 Gateway Blvd., Suite 730 Concord, CA 94520
Reporting to the Senior Manager, Information Technology you will work with a team of 7 at Client support center in Calabasas Hills, CA. As the Network Security Engineer (Temp to Hire), you will play an integral part in supporting all network security infrastructure services, including architecture, deployment and support servicing all aspects of The Client Network Security Infrastructure service availability for Restaurants and Corporate locations for a global $2.5 billion public company with over 290 full-service restaurants and more than 46, 000 total staff members.
You’ ll thrive in this position if you are:
- Exhaustively meticulous: you have an unrelenting attention to detail, documenting everything, leaving nothing to chance while understanding what deserves your immediate attention and what can wait until tomorrow or next week.
- An expert in your field: you seek to maintain a comprehensive and strategic knowledge base of the current technology landscape, particularly trends, developments and advancements.
- Service oriented: you’ re a people person, systematic and trustworthy, who effortlessly provides exceptional support
- Improvement focused: you never turn off the thought “ how can I do this better/faster/ or with less”.
- Relationship builder: you are a master at building genuine relationships with people at all levels inside and outside of an organization. Whether they’ re a type A, B or Z personality, you easily establish a warm relationship, building an effective network around you.
Here’ s what you’ ll get to do:
- Working with the Technical Services team will actively support al network and systems security hardening efforts, to include; annual, quarterly and daily security audit, assessments, reviews and remediation procedures
- As the Network Security Engineer, manage and support complex LAN/WAN and security infrastructure enhancements, to include design, implementation and SteadyState support for all Cisco firewalls, ISE infrastructure, Meraki WiFi, VPNs, including all routing and switching infrastructure to include enterprise class routers and switches from Cisco and Meraki.
- Proactively research and communicate emerging security threats, proposing recommendations for implementing short- and long-term solutions to decrease threat vectors and enhance over all security posture.
- Working with the network security team to oversee our Infrastructure monitoring & Incident Response teams in concert with SOC vendors to secure and monitor our corporate, restaurants and cloud infrastructures. Experience with industry recognized SIEM and Event Correlation tools.
- As the Network Security Engineer, provide escalation support for Network infrastructure service availability issues as well as all security incidents or escalations.
- Create and maintain network & systems documentation to include administration guides, network, security, configuration diagrams and asset management
- Be available, on-call as required to rapidly troubleshoot any problems resulting from changes or unexpected outages or security incidents.
What we require:
- 10+ years’ of advanced Network Security Engineering with seasoned experience designing, deploying and supporting complex LAN/WAN and Security infrastructure.
- Advanced experience with Cisco Sourcefire Firewalls, Zone based firewalls, Cisco ISE, 802.1x, MAB, PKI Certificate authentication, RSA, DUO, Okta MFA ASA integration, IDS/IPS, MDM, SSO and access control management solutions.
- Demonstrated experience independently managing large network infrastructure upgrade projects with little to no down time.
- Advance experience supporting large WAN networks and routing protocols including BGP, EIGRP, OSPF. Including MPLS, NNI Extranets and DMVPNs.
- Experience designing, deploying and supporting SD-WAN services from Viptela, Meraki, Fortinet and or Silver Peak highly desired.
- Demonstrated experience supporting enterprise class Cisco switching supporting VMWare clusters, using Nutanix or other complex switch fabric networking.
- Experience support NSX environments strongly desired.
- Demonstrated automation scripting experience using Python, Puppet, Batch and or Powershell.
- Seasoned advanced experience using Cisco Network management tools such as Prime, CSA with advance experience using other monitoring tools including Netflow, Solarwinds and packet level capturing tools such as Wireshark, Fiddler, Microsoft Network Monitor. Including industry recognized SIEM and Event Correlation tools.
- Experience using multiple security pen testing / scanning tools to include Qualys, Nessus, Snort etc.
- Strong understanding of security topics such as access control, network and systems hardening, threat modeling, encryption, vulnerability management, digital forensics and incident response
- Experience with compliance and risk management frameworks, such as PCI, SOX, ISO27001
- Excellent communication skills with prior experiencing leading or acting as a liaison between other departments, employees, management and vendors.
What we prefer:
- Cisco CCNA / CCNP / CCIE Certifications
- CA Plus & Network Plus Certifications and/or CCNA
- Bachelor’ s degree in Engineering, Computer Science