Network Security Engineer II (Contract)

Come join Deepwatch’s team of world-class cybersecurity professionals and the brightest minds in the industry. If you're ready to challenge yourself with work that matters, then this is the place for you. We're redefining cybersecurity as one of the fastest growing companies in the U.S. – and we have a blast doing it!

Who We Are

Deepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by Deepwatch’s cloud-based security operations platform, Deepwatch provides the industry’s fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business. 

Our core values drive everything we do at Deepwatch, including our approach to tackling tough cyber challenges. We seek out tenacious individuals who are passionate about solving complex problems and protecting our customers. At Deepwatch, every decision, process, and hire is made with a focus on improving our cybersecurity solutions and delivering an exceptional experience for our customers. By embracing our values, we create a culture of excellence that is dedicated to empowering our team members to explore their potential, expand their skill sets, and achieve their career aspirations, which is supported by our unique annual professional development benefit.

Deepwatch recognition includes:

• 2023, 2022 and 2021 Great Place to Work® Certified
• 2023 and 2022 Forbes America’s Best Startup Employers
• 2023 and 2022 Fortress Cybersecurity Award
• 2023 $180M Series C investment from Springcoast Capital Partners, Splunk Ventures, and Vista Credit Partners of Vista Equity Partners
• 2022 Cigna Healthy Workforce Silver Designation
• 2022 Cybersecurity Excellence Award for MDR

Network Security Engineer II - Contract (6 months)

Location: This job is available to work in one of our hub locations: Tampa, FL; Denver, CO; DC metro area, CA (Bay area), Austin, TX and will be hybrid

*We are not working with third party vendors for this role*

Position Overview

Reporting directly to the Manager, Network Security, the Network Security Engineer II will be responsible for the configuration and management of our customer’s next generation firewall environment on a 24/7 team. Additionally, you'll update and maintain all policies, objects, interface configurations, and signatures, perform upgrades, and provide best in class security for the customer while maintaining compliance with applicable regulations. As an escalation tier resource, you will be asked to provide consultative expertise on next-generation firewall platforms to improve customer implementations. You will also respond to continuously monitored customer environments ensuring maximum availability and acceptable risk tolerance documented by the customer.  You will be part of a weekly on-call rotation and required to adhere to all change windows required by customers. 

If you are passionate about leveraging best in class security tools and processes to achieve positive results for customers, Deepwatch, and our shareholders, in a remote, work-from-home environment, while remaining adaptable & positive in a dynamic work environment, we want to hear from you. 

In this role, you’ll get to:

• Serve as an escalation tier technical resource for customer’s next generation firewall solution(s) (Cisco & Fortinet) providing recommendations and guidance on their implementation to increase cyber resilience
• Analyze and perform Firewall Policy, network VPN, and associated configuration creation, updates, maintenance, and triage, through strict adherence to customer defined Change Management processes
• Perform Hardware, software, and firmware upgrades and patching while ensuring security hardening is within requirements set forth by the customer and in accordance with industry best practices
• Execute on approved Policy Audit & Cleanup
• Engage with customer stakeholders for policy management consultation and dialogue
• Analyze and guide improvements to Policy optimization and normalization across customer environments
• Monitor and triage platform and network performance through health, netflow, and other required tooling including packet capture tools and performance monitoring platforms
• Provide recommendations and guidance on potential actions to improve availability and performance within managed platforms
• Serve as a peer reviewer to all applicable change control requests
• Escalate anomalous network and system activity to the SOC
• Effectively manage a wide variety of customer issues and requests via a priority based model.
• Collaborate with the other Deepwatch experts to ensure that any incident's underlying problems are managed and resolved including potential emergency changes
• Participate in a weekly on-call rotation and, as required, work outside of normal business hours to complete scheduled maintenance, outage response, incident response, and emergency change requests
• Collaborate with applicable vendors to ensure case management and customer escalation as needed or requested
• Attend focus groups, trainings, industry conferences, and skills enhancement opportunities, as applicable and approved through learning and development

You’ll be successful in this role, if you:

• Demonstrate an advanced working knowledge in networking, network security, including familiarity with complex firewall configurations (upgrading & patching, layer 7 policy management, object organization, configuring templates, and tagging standards), VPN's, Web Proxies, Network Antivirus, IDS/IPS, and enterprise routing and switching
• Demonstrate advanced proficiency in configuring and troubleshooting Cisco & Fortinet firewall technologies
• Have proficient experience with enterprise network design, implementation, and network operations monitoring and triage
• Can maintain and create competent technical documentation and create and follow documented procedures
• Obtain and/or are willing to maintain industry relevant professional level certifications (e.g. Palo Alto PCNSA, Cisco CCNP Security, Fortinet FCP, etc.)
• Demonstrate an advanced proficiency in the understanding of network communication protocols (such as DNS, HTTP/S, NTP, ARP, SSH, SMTP, SNMP, etc.), OSI model triage, security protocol functionality and idiosyncrasies, and advanced network and security nomenclature enabling you to identify root causes of illusive problems through packet capture analysis
• Have advanced experience in and understanding of IP Addressing, Subnetting, Supernetting (IPv4) and troubleshooting HA firewall clusters
• Possess advanced level understanding of IPsec VPNs, certificates, tokens, and API’s as well as real world implementation and troubleshooting experience
• Understand industry standard policies, regulations, and applicable compliance
• Must be able to determine if change requests meet security best practices and are within the acceptable risk tolerance, be comfortable justifying applicable change requests, and providing appropriate response to customers for rejections
• Can demonstrate best practices in case management resolution and can translate customer request verbiage to applicable requests or incidents
• Have advanced knowledge with ITIL Service Management and the integration of those processes into Network Security programs
• Strong documentation skills required
• Possess a high level of customer service and soft skills including: active listening and competent communication.

ITAR Compliance

This position will have access to customer data and as such is subject to International Traffic in Arms Regulations (ITAR). Upon application, candidates will be asked to confirm that they are a U.S. Person as defined by the following:

• A citizen of the U.S.;
• A lawful permanent resident of the United States; 
• A person admitted to the United States as a refugee; or
• A person that has been granted asylum by the United States government.

The intent of this requirement is not to verify employment eligibility overall, but to ensure compliance with import/export regulations. If you do not meet these requirements, we encourage you to apply for other open roles at Deepwatch. This information will be verified upon offer of employment.

The anticipated hourly range for this role is $43.00 to $63.00 (+ benefits where applicable). Actual compensation may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level.

What We Offer:

Deepwatch is excited to provide benefits designed to support team members and their families. Including:

• Medical, dental, vision, and disability insurance
• Flexible Time Off (FTO), 9 company holidays, sick leave and 8-Weeks Paid Parental Leave
• Unique professional development benefits, starting at $3,000 annually
• Wellness contests and monthly educational programs
• 401(K) retirement program with employer match
• Learn more here: Deepwatch Benefits

We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates, so please don’t hesitate to apply — we’d love to hear from you.  Please review our DEI Statement here.

Deepwatch welcomes and encourages applications from people with disabilities and accommodations are available on request for candidates taking part in all aspects of the selection process. Please inform your recruiter or contact recruiting@deepwatch.com for further information.

All Deepwatch employees are expected to:

• Be interested in and able to work remotely from a home office when not at a corporate office
• Pass a pre-employment background and drug screen in accordance with applicable laws

Deepwatch is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, marital status, sexual orientation, gender identity, genetic information, protected veteran status, or any other characteristic protected by law.  In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.

By submitting your application, you agree that Deepwatch may collect your personal data for recruiting, global organization planning, and related purposes. The Deepwatch Privacy Policy explains what personal information we may process, where we may process your personal information, our purposes for processing your personal information, and the rights you can exercise over Deepwatch’s use of your personal information.