Network Security Engineer
American Greetings Corporation
On-site
Westlake, Ohio, United States
Job Description
As this is a hybrid role, based out of our Creative Studios in Westlake, Ohio, we will focus on candidates currently residing in Northeast Ohio.
The Security Engineer will be responsible to perform the day to day operations, management and administration of critical network security devices to protect the integrity, confidentiality, and availability of information assets and technology infrastructure of the organization.
The daily activities and responsibilities include technical security administration and project work to include off hours support. This role also participates in security tool selection and provides input into strategic and tactical planning.
The Security Engineer role will also make contributions in the evaluation, development, and implementation of security standards, procedures, and guidelines for multiple platforms and diverse systems environments.
ESSENTIAL DUTIES & RESPONSIBILITIES:
• Provide first level support for all security functions related to Perimeter security infrastructure
• Monitor ServiceNow queues for Security Admin requests
• Manage open security requests and issues to ensure all work is delivered on time and with high quality;
• Assist with and provide technical guidance on all network security issues that arise and resolve them in a timely manner either in person, over the phone or remotely and escalate if needed.
• Perform investigation and remediation of active security incidents.
• Provides technical support on all network security aspects of the operations of the firewall, VPNs, IDS/IPS, NAC, DLP, ZTNA, Web Filtering, Radius, enterprise End-point protection solutions, Enterprise centralized log management solution. Threat, vulnerability, and risk vulnerability management solution.
• Provides analytical and technical security recommendations to other team members, and clients. Identifies requirements, based upon need or as the result of a security issue that puts organizations systems at risk.
• Participate in security compliance efforts. Performs all security audit activities required by Corporate Information systems and Internal auditing departments;
• Champion security process and operational improvements and best practices
• Create, maintain, and document security baselines
• Develops documentation to support ongoing security systems operations, maintenance and specific problem resolution.
• Required to provide on call support and execute maintenance activities during both business hours and off business hours
• Provide 24 x 7 support for both planned and unplanned activities to minimize disruption to the business
• Maintain documentation of security configurations and procedures
• Complete training opportunities as required to stay current on existing and new security platforms deployed in the environment.
• Serve as primary owner of network security technologies, including firewall, IDS/IPS, NAC, Web Filtering, and Zero Trust.
• Monitor incidents escalated by our Managed Detection and Response partner to serve as an escalation tier for security incidents.
• Provide management and configuration support for the following network technologies:
• Firewall and IPS systems across data center,
branch/factory locations, and public cloud
• Secure Service Edge solutions
• Zero Trust User to app network segmentation
• Network Access Control
• Vulnerability Management
• Perform remediation of security incidents using the following tools:
• Endpoint Detection and Response
• SIEM/SOAR
Experience Required:
Required Length & Type of Experience:
• 3+ years of technical experience managing firewalls and security appliances
• Experience in implementing security architecture and engineering guidelines, standards and procedures
• Good working knowledge of Network/Infrastructure Security technologies (IPSEC, SSL/VPN tunneling, Firewall access control, zero-trust network access, intrusion detection, intrusion prevention, administrative access control) and compliance (PCI, SOX, HIPAA) - extensive understanding in routing, switching, firewall, IPS/IDS, Radius, VPNs in Cisco technologies
Knowledge, Skills & Abilities:
• Ability to follow policies and procedures; completes administrative tasks correctly and on time; Supports organizational goals and values
• Flexible, positive and team-oriented attitude; Ability to work collaboratively as a team
• Excellent interpersonal skills, able to work effectively with team members
• Perform duties with minimal supervision
• Strong written, verbal and presentation skills;
• Able to handle dynamic and high-pressure environment with focus on success and productivity
• Demonstrate excellent analytical abilities and critical thinking;
• Excellent troubleshooting, root cause analysis and test planning skills
• Good understanding of IEEE 802.11 standards, and Wireless security concepts
• Fundamentals of network routing & switching
• Intermediate knowledge of internetworking (protocol, port and routing level)
• Basic to intermediate knowledge of message hygiene, anti-spam/anti-malware/anti-virus for messaging systems
• Working experience with SEIMs and Log Management, syslog analysis, HTTP and TCP/IP analysis, and vulnerability assessment to include.
• Good working knowledge in TCP/IP; web architectures and web programing technologies such as HTML, JavaScript, XML, PHP.
• Good working knowledge of Public/Private Key Infrastructure and the management of digital certificates
• Basic to intermediate knowledge of Endpoint Protection solution in an enterprise environment
• General knowledge of AIX UNIX, Linux and Windows Operating Systems with the focus of security administration
Practical working experience is required in the following areas:
• Next Generation Firewall and IPS solutions
• Remote Access solutions
• Network Access Control solutions
• Secure Service Edge solutions
• Zero Trust Network Access
Practical working experience in the following areas is desirable:
• Cloud Access Security Brokers
• EDR/XDR solutions
• Web Application Firewalls
Perform security tool administration providing risk analysis of the following:
• Vulnerability scanners
• Security event logging & monitoring analyzers
• Intrusion Detection/Prevention System (IDS/IPS) and firewall logs
• Performs system and network security audits
• Anti-virus products and central console
• Single SignOn Architectures (SSO)
Education Required:
Bachelor’s degree in Computer Science or equivalent combination of relevant education, training and experience, 6+ years relevant experience
As this is a hybrid role, based out of our Creative Studios in Westlake, Ohio, we will focus on candidates currently residing in Northeast Ohio.
The Security Engineer will be responsible to perform the day to day operations, management and administration of critical network security devices to protect the integrity, confidentiality, and availability of information assets and technology infrastructure of the organization.
The daily activities and responsibilities include technical security administration and project work to include off hours support. This role also participates in security tool selection and provides input into strategic and tactical planning.
The Security Engineer role will also make contributions in the evaluation, development, and implementation of security standards, procedures, and guidelines for multiple platforms and diverse systems environments.
ESSENTIAL DUTIES & RESPONSIBILITIES:
• Provide first level support for all security functions related to Perimeter security infrastructure
• Monitor ServiceNow queues for Security Admin requests
• Manage open security requests and issues to ensure all work is delivered on time and with high quality;
• Assist with and provide technical guidance on all network security issues that arise and resolve them in a timely manner either in person, over the phone or remotely and escalate if needed.
• Perform investigation and remediation of active security incidents.
• Provides technical support on all network security aspects of the operations of the firewall, VPNs, IDS/IPS, NAC, DLP, ZTNA, Web Filtering, Radius, enterprise End-point protection solutions, Enterprise centralized log management solution. Threat, vulnerability, and risk vulnerability management solution.
• Provides analytical and technical security recommendations to other team members, and clients. Identifies requirements, based upon need or as the result of a security issue that puts organizations systems at risk.
• Participate in security compliance efforts. Performs all security audit activities required by Corporate Information systems and Internal auditing departments;
• Champion security process and operational improvements and best practices
• Create, maintain, and document security baselines
• Develops documentation to support ongoing security systems operations, maintenance and specific problem resolution.
• Required to provide on call support and execute maintenance activities during both business hours and off business hours
• Provide 24 x 7 support for both planned and unplanned activities to minimize disruption to the business
• Maintain documentation of security configurations and procedures
• Complete training opportunities as required to stay current on existing and new security platforms deployed in the environment.
• Serve as primary owner of network security technologies, including firewall, IDS/IPS, NAC, Web Filtering, and Zero Trust.
• Monitor incidents escalated by our Managed Detection and Response partner to serve as an escalation tier for security incidents.
• Provide management and configuration support for the following network technologies:
• Firewall and IPS systems across data center,
branch/factory locations, and public cloud
• Secure Service Edge solutions
• Zero Trust User to app network segmentation
• Network Access Control
• Vulnerability Management
• Perform remediation of security incidents using the following tools:
• Endpoint Detection and Response
• SIEM/SOAR
Experience Required:
Required Length & Type of Experience:
• 3+ years of technical experience managing firewalls and security appliances
• Experience in implementing security architecture and engineering guidelines, standards and procedures
• Good working knowledge of Network/Infrastructure Security technologies (IPSEC, SSL/VPN tunneling, Firewall access control, zero-trust network access, intrusion detection, intrusion prevention, administrative access control) and compliance (PCI, SOX, HIPAA) - extensive understanding in routing, switching, firewall, IPS/IDS, Radius, VPNs in Cisco technologies
Knowledge, Skills & Abilities:
• Ability to follow policies and procedures; completes administrative tasks correctly and on time; Supports organizational goals and values
• Flexible, positive and team-oriented attitude; Ability to work collaboratively as a team
• Excellent interpersonal skills, able to work effectively with team members
• Perform duties with minimal supervision
• Strong written, verbal and presentation skills;
• Able to handle dynamic and high-pressure environment with focus on success and productivity
• Demonstrate excellent analytical abilities and critical thinking;
• Excellent troubleshooting, root cause analysis and test planning skills
• Good understanding of IEEE 802.11 standards, and Wireless security concepts
• Fundamentals of network routing & switching
• Intermediate knowledge of internetworking (protocol, port and routing level)
• Basic to intermediate knowledge of message hygiene, anti-spam/anti-malware/anti-virus for messaging systems
• Working experience with SEIMs and Log Management, syslog analysis, HTTP and TCP/IP analysis, and vulnerability assessment to include.
• Good working knowledge in TCP/IP; web architectures and web programing technologies such as HTML, JavaScript, XML, PHP.
• Good working knowledge of Public/Private Key Infrastructure and the management of digital certificates
• Basic to intermediate knowledge of Endpoint Protection solution in an enterprise environment
• General knowledge of AIX UNIX, Linux and Windows Operating Systems with the focus of security administration
Practical working experience is required in the following areas:
• Next Generation Firewall and IPS solutions
• Remote Access solutions
• Network Access Control solutions
• Secure Service Edge solutions
• Zero Trust Network Access
Practical working experience in the following areas is desirable:
• Cloud Access Security Brokers
• EDR/XDR solutions
• Web Application Firewalls
Perform security tool administration providing risk analysis of the following:
• Vulnerability scanners
• Security event logging & monitoring analyzers
• Intrusion Detection/Prevention System (IDS/IPS) and firewall logs
• Performs system and network security audits
• Anti-virus products and central console
• Single SignOn Architectures (SSO)
Education Required:
Bachelor’s degree in Computer Science or equivalent combination of relevant education, training and experience, 6+ years relevant experience