Sr Network Perimeter Security Engineer

Responsibilities:

In the role of the Sr. Network Security Engineer, you will:

• Assist in the definition of the strategy and technology roadmap for Network Security Architecture, assess, and deliver fit for purpose technical security solutions.
• Identify, plan, and execute needed security changes to existing methods and techniques used throughout the organization.
• Lead projects and initiatives with broad scope and high impact to the business and be a recognized expert in Network Security.
• Considered a subject matter expert in their field and is expected to stay current with various technologies, organizational goals, and industry trends to drive value. Provide operational management and engineering of Firewalls, IDS/IPS.
• Provide technical expertise and guidance for the configuration and installation of new network and security technology.
• Partner with multi-functional teams to deliver widely impactful security initiatives.
• Monitor networks/logs/systems for security breaches or intrusion using the latest security tools and techniques such as SIEM, Vulnerability management, End-Point Security.
• Execute and prioritize work to meet deadlines. Evaluate new threats, solutions and the impact on IT and Business operations.
• Ensure organizational compliance with security policies outlined in various standards and controls. 
• Work with customers and operations teams to define repeatable reference network security architectures.
• Determine network security requirements by evaluating business strategies and requirements.
• Assist in conducting system security and risk assessments as the security infrastructure SME. 
• Work with ABM IT Project Management Office (PMO) on all assigned projects, where appropriate.
• Environment Support including ServiceNow incidents and requests, Major Incident troubleshooting and collaboration, etc.
• Work with 3rd party vendors to complete projects or troubleshoot issues, as assigned.
• Report weekly status on projects to designated ABM IT management.
• Attend staff meetings, as required.
• Maintain detailed network documentation, including diagrams, configurations, and procedures.
• Stay current with industry trends, technologies, and best practices in networking.
• Collaborate with cross-functional teams including systems administrators, application developers, information security and IT support.
• Manage and maintain network configurations, firmware, and software updates.
• Develop and enforce network policies, standards, and procedures.
• Conduct research and make recommendations on network infrastructure, services, protocols, and standards in anticipation and in advance of the business need, e.g. identifying toolsets, configurations and performing analysis to identify and remediate and improve the team’s understanding and ability to remediate deficiencies.
• Provide guidance and support to more junior team members, conducting and overseeing training sessions, standards, and best practices overviews.
• Participation in a weekly on call rotation to support the production environment.
• Monitor and manage the Enterprise domain controllers and DHCP. 
• In addition to regularly scheduled hours and responsibilities, SSEs are sometimes required to assist on special projects and emergencies. This includes, but is not limited to, regularly scheduled evening or early morning maintenance in the Data Center and emergency response at any time (24x7).  These additional responsibilities are an essential function of the job and are required to ensure continuous operations and minimize disruption to end-users.

Required Qualifications:

• Bachelor’s degree in information systems, Information Technology, Computer Science, or Engineering from an accredited university, master’s degree preferred
• Minimum 10 years of information technology experience
• Minimum 5 years of information security experience
• Hands on experience in security systems, including but not limited to (firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.)
• Must manage ambiguity, resolve urgent and competing demands, and go above-&-beyond to deliver outcomes. 
• Must have measured courage to say "no," to focus on key priorities.
• Strong ability to think creatively when approaching issues.
• Strong oral, and written communication skills
• Strong analytical and problem-solving skills with attention to detail.
• Strong project management skills and the ability to work in a team environment.
• Ability to think strategically and innovatively, including a demonstrable capacity to proactively identify and respond to relevant IT Risk related issues of both long-term and immediate importance to the Company.
• Exceptionally self-motivated, directed and detail oriented.
• Strong level of experience using the Microsoft suite of Products.
• Strong knowledge of networking protocols (TCP/IP, BGP, OSPF, etc.) and technologies (VPN, LAN, WAN, WLAN). Network Troubleshooting skillset in a Data Center & Campus environment.
• Ability to establish credibility and working relationships with a wide range of corporate personnel, including operations, management, executive and legal staff as well as external personnel, including auditors and regulators.
• Self-starter that can work efficiently both independently and with teams.

Technical Qualifications:

• Familiarity with Azure and AWS
• SaaS solutions such as Salesforce, Workday, and Office 365, SAP, OCF
• Identity and Access Management (IAM) platforms and related protocols such as SAML, SPML, XACML, SCIM, OpenID and OAuth
• Experience with cloud-based security platforms (ZTNA)
• Understanding corporate network monitoring and security and common network protocols such as TCP/IP, VLANS, DNS, DHCP, radius, WIFI, Backup
• Networking and firewalls – CISCO, FortiGate, Checkpoint, Juniper, and/or Palo Alto, Virtual Firewall appliances
• Experience managing 20+ FW in an Enterprise 
• Experience implementing and managing End-point protection using SCCM
• Experience with Web-Application Firewalls implementing and managing.
• Operating systems, including Windows and Linux

Preferred Qualifications:

• One or more of the following certifications in area of specialty are preferred. Examples include CompTIA, CISSP, CCSA/CCSE, CSSLP, CISA, CISM, GIAC certs, CFE, CNP, CEH, Fortinet NSE, PCNSE, ZCE
• 5 + years of experience with Cisco Identity Service Engine (ISE) or another 3rd party Network Access Control (NAC) product
• 5 + years of experience with Cloud computing (Azure, AWS, or GCP)
• Experience with Network Automation (e.g. Ansible, Terraform, Puppet)
• Enterprise Network Monitoring software experience (SolarWinds Orion)
• Experience developing strategies for implementation of QoS, and Multicast
• Experiencing with packet capture and analysis tools, NetFlow, IP SLA, etc.

Benefit Information:

ABM offers a comprehensive benefits package.  For information about ABM’s benefits, visit:

https://www.abm.com/wp-content/uploads/2023/11/2024-Recruitment-Staff-Mgmt-11.6.23.pdf