Network Security Engineer
Ontario, Canada
Carrier
Carrier is the global leader in sustainable healthy buildings, HVAC, commercial and transport refrigeration solutions. Learn more about Carrier Corporation.About Carrier
Carrier is the leading global provider of healthy, safe and sustainable building and cold chain solutions with a world-class, diverse workforce with business segments covering HVAC, refrigeration, and fire and security. We make modern life possible by delivering safer, smarter and more sustainable services that make a difference to people and our planet while revolutionizing industry trends. This is why we come to work every day. Join us and we can make a difference together.
About the position
The network security operations engineer will ensure the proper functioning of all network-based security controls across Carrier. Participate on a team of network / system operators with the appropriate expertise to deploy, maintain, and operate Carrier’s security tool stack. Develop operational rigor as evidenced by e.g. policies, runbooks, change control, and 24 x 7 x 365 ability to ensure tool stack availability and service delivery.
Cultivate and maintain deep working relationships with partners throughout Carrier, built on strong personal and team capability, as well as a track record of execution. Enhance a powerful team culture that nurtures quality performers.
Key Responsibilities
- Work with internal partners from Security, IT, and Data Protection teams to select, implement, and support network security platforms and tools.
- You will create an internal service catalogue of these controls, understanding key attributes for each, such as user experience, SLA, downstream impacts, etc. Work with internal and external audit teams to document, review, and satisfy required controls for audits, automating the controls as much as possible.
- Work with the security architecture team and control operators with a core network-centric body of knowledge, and solution-specific knowledge as needed to support network security initiatives to protect the Carrier business units.
- You will help develop a multi-functional knowledge management program to train new hires effectively on Carrier environments and tools, ensuring broad diffusion of knowledge among the team.
- Develop strong, auditable processes and artifacts to ensure seamless continuity of network security operations.
- Deliver 24 x 7 x 365 global operational capability, ensuring tool stack availability, coverage, and proper functioning.
- You will work closely with colleagues in Identity and Access Management, Cyber, and Architecture / Engineering teams to deploy, configure, patch, operate, and decommission security hardware and software.
- This role will specifically focus on network-based controls, such as firewalls, IDS / IPS, DNS security, outbound web proxy, email security, packet capture, flow analysis, RADIUS, 802.1x, NAC, etc.
- Planning, engineering, and monitoring the security arrangements for the protection of the network systems.
- Display a real passion for information security and the intricacies of hardening and securing systems and networks.
Basic Qualifications
- College Diploma.
- 5+ years technical experience in network operations, such as the deployment, configuration, maintenance, and operation of switches, routers, gateways, DNS servers, VPN concentrators, etc.
- 5+ years technical with firewalls, IDS, IPS, web proxies, email security systems, packet capture, flow analyzers, firewall rule analyzers, etc.
- 5+ years experience with Palo Alto, Fortinet, and Next Generation Firewalls.
- 2+ years experience with Zscaler Security Products (Zscaler Internet Access and Zscaler Private Access)
- Available to participate in a 24 x 7 x 365 global network security operations capability.
- Available to participate in the hiring and training of staff, development of policies and procedures, maturation of processes and change control, development of key artifacts, and the ability to work with auditors with limited supervision.
- Available to maintain coverage of emergency issues around the clock (to be shared with managed service provider).
Preferred Qualifications (assets)
- Strong written and oral communications skills.
- Demonstrated experience determining newest technologies and processes that create noticeable improvements to the overall security ecosystem.
- Experience using industry-standard analysis criteria to test the security level of a system or network.
- Meraki MX security appliances
- Experience with design and engineering of security controls.
- Experience with data center hardware installation and maintenance.
- Current CISSP or other industry-standard information security certification.
Additional information:
- Sponsorship is not supported for this position.
RSRCAR
#LI-Remote
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CISSP DNS Firewalls IAM IDS IPS Monitoring NetOps Network security VPN
Perks/benefits: Career development
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.