| || |
iMethods is currently seeking a Network Security Engineer for a client hospital in Cleveland, Ohio. This is a permanent position and will require full time residence or relocation to Cleveland, Ohio.
Primarily responsible for interactions with business users, vendors, project managers, design architects and technology managers to assess, remediate, and deploy information security, DMZ security, and networking technology throughout the UH enterprise network. Collaborates with the Identity and Access Manager, UH Network Manager/Network Design Architect, and server team leadership to assess the current infrastructure and formulate a plan to manage all information security DMZ and network technologies. Reviews the firewall designs and configurations, Network Design document, validates its implementation, and produces an as-built enterprise network diagram. Responsible for assisting with the design and implementation of new server and networking services. Interacts with business users and vendors to identify and define requirements and expectations of new and existing network systems.
- In conjunction with Information Security Operations team, Network and Storage Architects and group Managers: develops, tests, presents, deploys, and manages Information Security technologies for the DMZ and wireless and wired networks.
- Completes work request activity submitted via Service Request System.
- In conjunction with Information Security team, identifies, diagnoses, and resolves Information Security technology issues.
- Validates the implementation of Secure Network Design documents by reviewing configuration, installation, and replacement of network and security infrastructure components.
- Remotely administers and maintains the security of complex TCP/IP networks using firewalls, routers, intrusion detection / prevention, proxy devices, and switches.
- Creates and maintains comprehensive documentation related to the server and network security infrastructure.
- Schedules upgrades and collaborates with security, server, and network architects on security and network optimization.
- Recommends, reviews, tests, schedules and implements upgrades (i.e. IOS upgrades, patches).
- Configures support of information security networking devices.
- Provides support using network management tools including Cisco Works, Cisco NAM, What’s Up, Fluke’s OptiView, Solar Winds, SNMP, etc.
- Provides support using security management tools including McAfee Intrushield, Cisco IronPort, Websense, McAfee ePO, RSA DLP, dual-factor authentication, etc.
- Proactively recommends and may perform performance tuning and optimization activities which maximize efficient use of existing technology resources.
- Defines security KPIs and maintains utilization reports and documentation.
- Creates and maintains comprehensive documentation related to the server/network security infrastructure and procedures.
- Performs on-call service rotation; provides 24 x 7 production support on a rotating basis.
- Performs occasional night/weekend work as required due to environmental constraints.
Experience & Knowledge:
- 5+ years of experience with Enterprise Network, DMZ, and Security infrastructure, including design, implementation, and ongoing management and troubleshooting required.
- Hands on experience working with firewalls, proxies, email security gateways, intrusion detection / prevention, device encryption, and data leak prevention tools required.
- Excellent technical and interpersonal skills required.
- Excellent verbal and written communication skills required.
- Must be familiar with DNS, HTTP, 802.1x, EAP, TKIP, AES, Radius, IPsec, TLS/SSL, routing protocols (BGP, OSPF, HSRP, VRRP) and VLANs, and layer 2 / Layer 3 roaming
- Ability to effectively document processes required.
- Must be self-starter who is inspired by technology, highly organized, and ability to work with minimal supervision.
- Excellent skills with Microsoft Office Suite including Visio and Project required.
- Practical experience in the use of network monitoring tools such as Cisco Works LMS, Netflow, HP Open View and Network Sniffer is required.
- Practical experience in the use of security tools such as Cisco IronPort, Websense, McAfee ePO, and Digital Guardian DLP is required.
- Advanced experience with security devices such as ASA, VPN Concentrators, IPS / IDS preferred
- Knowledge of Cisco security technology for both wired and wireless, including ASA and FirePOWER
- Complex problem solving abilities with experience in performing root cause analysis required.
- Microsoft Active Directory / DNS / DHCP support preferred.
- Familiarity with PCI-DSS preferred.
- Valid Driver’s license and reliable transportation required.
B.S in Information Technology or related field with an interest in Information Technology Security and Networks required.
Credentials, Licensure or Certification (i.e. RN, RRT):
Optional: Certified Information Systems Security Professional (CISSP), Cisco Certified Network Professional Security (CCNP Security), or GIAC.