Network Security Engineer 2/3

JOB SUMMARY

Under the direction of the Chief Information Security Officer, the Network Security Engineer is responsible for the development and operation of UConn’s Network Security (NetSec) infrastructure and systems. The engineer deploys and manages highly available network security technologies to support secure networks and secure digital communication at the university. The role will assess, develop, deploy and maintain network security systems including firewalls, site-to-site VPN, client VPN, IDP, IDS, network detection and response (NDR), varied firewall rulesets, access control rulesets, and related systems. 

The Network Security Engineer is responsible for investigating a diverse range of technical issues across multiple platforms and working with clients who have a wide range of technical proficiency. The engineer works among a team of skilled information security and network professionals to address problems within a complex network environment and develop solutions that fit into that environment. 

The Network Security Engineer is responsible for processes and procedures to ensure the continuous improvement of monitoring, detection, and mitigation capabilities network communications. The engineer plans, organizes and establishes priorities related to an assignment; works independently with minimal outside support; and handles sensitive information in a confidential manner. 

SALARY

• Network Security Engineer 2 (Information Security Analyst 2 – UCP 6): $80,790 to $109,874  

• Network Security Engineer 3 (Information Security Analyst 3 – UCP 7): $90,485 to $123,060 

Note: Please indicate the role you are applying for in your cover letter. All minimum qualifications must be met at the applicable level to be eligible for consideration at that level. Applicable role will be verified by the hiring committee with respect for qualifications and demonstrated experience. Salary will be commensurate with experience and may be negotiable for exemplary candidates. 

BENEFITS INCLUDE

• Defined contribution with employer match or defined benefit program retirement options 
• Excellent and affordable healthcare options 
• 35 hour work week 
• 22 paid vacation days per year, paid sick leave, and 13 paid holidays 
• Employee and dependent tuition waivers 
• A highly desirable work environment and work-life balance 

DUTIES AND RESPONSIBILITIES

Network Security Engineer 2 

• Administers and uses security tools to identify, investigate, and mitigate threats to the environment. 
• Develops and supports UConn’s security infrastructure, including but not limited to, firewalls, VPNs, IDS / IDP / NDR, firewall management, logging, SIEM, and identity access management.   
• Research, recommend, implement, and support security tools and countermeasures to reflect the evolving security terrain and trends; perform network security testing and reports as needed. 
• Develop scripts or deploy programs to assist with automation, provisioning, and/or telemetry, and to ensure integrity of resources to dependent systems. 
• Produce and maintain detailed engineering plans, operating procedures, diagrams, models, and standards as they relate to network security design, deployment, and operations.  
• Proactively analyze network traffic, and system logs, to identify threats, intrusions, and/or compromises. 
• Performs analysis of security incidents to help determine root cause and prevent future occurrences. 
• Triage and respond to service requests from customers and/or internal teams. 
• Maintain awareness of potential and developing threats across industries and in general. 
• Participate in cyber security incident response activities as required.  
• Maintain appropriate documentation and diagrams of infrastructure and security systems.  
• Promote security awareness to improve and ensure system security and best practices.  
• Participate in on-call rotation, after-hour changes, and after-hour escalations as needed. 
• Other related duties as assigned. 

Network Security Engineer 3 (additional responsibilities inclusive of Engineer 2) 

• Serves as domain and subject matter expert in one or more information security domains. 
• Leads design, development, implementation and maintenance of university firewalls, VPNs, IDS/IDP/NDR/XDR, and network security systems. 
• Design, implement, and maintain new information security solutions.  
• Lead major projects/initiatives related to information security and/or cybersecurity.   
• Integrate data for use between various applications and systems. 
• Identify enterprise level security gaps, perform risk assessments, and recommend solutions to ensure best practices and security measures are being met across and between enterprise level systems. 
• Create custom code, api/rest integrations, or other maintainable integrations to facilitate data gathering/sharing across applications and platforms. 
• Ability to operate autonomously and with limited supervision. 

RELATED SKILLS AND COMPETENCIES

• Problem Solving: Demonstrates sound analytic and diagnostic skills dealing with issues that are loosely defined and/or where information is available but must be further manipulated. Once decisions are made, you can follow and direct action to implement intended results. Breaks a problem down to manageable pieces and implements effective, timely solutions. Openly and directly confront issues until resolved. 

• Team Orientation: Builds relationships with peers and other departments to achieve objectives. Balances team and individual responsibilities. Exhibits objectivity and openness to others’ views. Gives and welcomes feedback. Puts success of team above self.  Responsibilities are assigned with some latitude for setting priorities and decision-making using established policies and procedures. Results are reviewed with next-level team lead/manager for clarification and direction before proceeding. 

• Planning and Project Management: Works with, or serves as, the project lead in identifying those project tasks that are most important, establishes clear priorities and understands the larger picture.  Executes project tasks and creates documentation as required. 

• Physical Demands: This position involves extended periods of sitting and the extensive use of computers and office equipment. May involve stooping, kneeling, crouching and/or working on step ladders. Involves close vision, color vision, depth perception, and focus adjustment. Must be able to lift 35 lbs. to shoulder height. 

MINIMUM QUALIFICATIONS

Network Security Engineer 2 

1. Must be a US Citizen. 
2. Bachelor’s degree and two (2) years of related experience, OR Associate’s degree and four (4) years of related experience, OR Six (6) years of related experience (IT/Security).
3. One (1) or more years of experience working in an information security role in the network security domain. 
4. Knowledge of network architecture concepts including topology, protocols, components, and principles. 
5. Knowledge of firewalls, VPN, network proxies, and network design 
6. Experience with network flow data (i.e., NetFlow, sFlow, IPFIX) or related forms of flow records and session summary data. 
7. Understanding of diagnostic and troubleshooting tools, such as the ability to perform detailed analysis on packet capture data; SIM/SIEM log analysis and diagnosis. 
8. Experience managing enterprise security devices/platforms from vendors such as Fortinet, Palo Alto, Arbor/NetScout, f5, iBoss, Splunk, Cisco and/or Juniper. 
9. Programming/development/scripting skills (Python, PHP, PERL, and/or Powershell) 
10. Experience in security analysis, policies, procedures and standards. 
11. Strong technical, analytical, interpersonal, and organizational skills  

Network Security Engineer 3 (inclusive of Network Security Engineer 2) 

1. Bachelor’s degree and two (4) years of related experience (IT/Security), OR Associate’s degree and four (6) years of related experience (IT/Security), OR Eight (8) years of related experience (IT/Security).
2. Three (3) or more years of experience working in an information security role in the network security domain. 
3. Experience designing, deploying and administering complex firewall, VPN, IDS/IDP/NDR/XDR, and network security management systems in an enterprise environment. 
4. Familiar with IT Security frameworks and relevant regulatory obligations and audit requirements (GDPR, SOX, NIST, ISO, PCI, FERPA, HIPPA, and/or AICPA/SOC2).
5. Senior level Network Security Engineer experience. 

PREFERRED QUALIFICATIONS

Network Security Engineer 2 

1. Bachelor’s degree or higher in a Science, Technology, Engineering, or Math (STEM) field. 
2. Demonstrated ability to stay informed in securing evolving technologies. 
3. Demonstrated understanding of a wide array of enterprise applications/services including DNS, SMTP, SSL/TLS, IIS, Apache, LDAP, CAS, Entra, Azure/AWS, SQL, RADIUS, TACACS, etc. 
4. Demonstrated understanding of related security domain concepts including Identity & Access Management, Security Operations, Application Security, Risk Management, and Incident Management. 
5. Experience working in a higher education environment. 

Network Security Engineer 3 (inclusive of Network Security Engineer 2) 

1. Experience securing on-prem and cloud provider based networks. 
2. Experience configuring and troubleshooting client and point to point VPNs. 
3. Senior level experience with Palo Alto firewalls. 
4. Senior level experience with Cisco firewalls. 
5. Senior level experience with Fortinet firewalls. 
6. Senior level experience with Meraki network gear. 
7. Experience deploying, administering, operating, and troubleshooting firewall management systems such as Tufin, Panorama, Fortimanager, and Cisco FMC. 
8. Experience deploying, administering, operating, integrating and troubleshooting Cisco Anyware and Cisco ISE. 
9. Experience with NDR/XDR (ie SNA/Stealthwatch, Vectra).
10. Experience with network monitoring platforms (ie LogicMonitor).
11. Experience with automation using vendor API’s.  
12. Experiencing in contract negotiations, pricing, terms, and conditions. 
13. CISSP, CISM, or other senior information security or network security certification. 

APPOINTMENT TERMS

This is a full-time, permanent position located at the Storrs Campus in Storrs, CT. This position may require you to travel in-state and may work irregular hours to support operational or security activities and initiatives. 

For additional information regarding benefits visit: https://hr.uconn.edu/employee-benefits-overview/. For additional information about the University visit: https://www.uconn.edu. Other rights, terms, and conditions of employment are contained in the collective bargaining agreement between the University of Connecticut and the University of Connecticut Professional Employees Association (UCPEA).  

Other rights, terms, and conditions of employment are contained in the collective bargaining agreement between the University of Connecticut and the University of Connecticut Professional Employees Association (UCPEA).

TERMS AND CONDITIONS OF EMPLOYMENT

Employment of the successful candidate is contingent upon the successful completion of a pre-employment criminal background check.

TO APPLY

Please apply online at https://hr.uconn.edu/jobs, Staff Positions, Search #498916 to upload a resume, cover letter, and contact information for three (3) professional references.

This job posting is scheduled to be removed at 11:55 p.m. Eastern time on March 11, 2025. 

All employees are subject to adherence to the State Code of Ethics which may be found at http://www.ct.gov/ethics/site/default.asp.

All members of the University of Connecticut are expected to exhibit appreciation of, and contribute to, an inclusive, respectful, and diverse environment for the University community.

The University of Connecticut aspires to create a community built on collaboration and belonging and has actively sought to create an inclusive culture within the workforce. The success of the University is dependent on the willingness of our diverse employee and student populations to share their rich perspectives and backgrounds in a respectful manner. This makes it essential for each member of our community to feel secure and welcomed and to thoroughly understand and believe that their ideas are respected by all. We strongly respect each individual employee’s unique experiences and perspectives and encourage all members of the community to do the same. All applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

The University of Connecticut is an AA/EEO Employer.