Network Engineer

Network Engineer - 

Summary/Objective

Established in 2006, CyberClan’s carefully selected team of experts are capable of solving complex cyber security challenges – keeping data secure and businesses running as usual. CyberClan’s Global Incident Response Teams are available 24/7/365 to leap into action, responding to all cyber attacks with proven defensive methodology, we quickly identify, contain, eradicate and recover from a cyber attack. Our goal is to get businesses fully operational as quickly as possible and to further prevent any downtown or impact to the business operations.

CyberClan investigates and assists clients with all types of security breaches; insider threat, unauthorized access, malicious code. Some you’ve probably read about in the news before, but many more stay hidden from the public’s eye. We receive and investigate the clients data in a secure forensic lab environment. Because of the growth and dynamic nature of the case loads we want to move these efforts to the public cloud and take full advantage of the inherent elasticity and automation capabilities.

The Network Engineer will be responsible for designing, implementing, maintaining, and troubleshooting network systems of our clients to ensure efficient and secure communication within their organization. Candidates must have technical depth and a customer-first mentality, the desire to take the initiative to own and resolve customer issues and interest in working in a fast paced, high growth learning environment. As this is a senior role, you would be expected to offer support and mentorship to junior members of the team as well as work on multiple projects at the same time. This role involves working with various networking technologies, including wired, wireless, and cloud-based solutions. This position will require extensive and frequent travel to multiple locations and sometimes on short term notice.

Reporting to the Global Head of Digital Forensics & Incident Response, the successful candidate will work as part of the Post Breach Remediation team and serve as the Incident Commander in all on-site and remote incidents. You will collaborate closely with other cross-functional teams within the organization.

Essential Functions

Strategy & Planning

• 
  Collaborate with network, cloud systems, cybersecurity & enterprise architecture teams to create optimal network design and configurations and ensure seamless network functionality
•   Collaborate with network hardware/software vendors, internet service providers (ISPs) to ensure 99.9% uptime of the network infrastructure. This also includes maintaining and renewing network solution contracts and documenting them in our contract management system Design, maintain and recommend improvements to our cloud platform firewall and network design to improve network management and operations
  
•  Create detailed network plans and designs for network infrastructure for CyberClan clients, keeping in mind current size and future growth and ensuring the designs are scalable and secure
  
•  Research and recommend network hardware/software that fits best for CyberClan's clients
  
•  Participate in planning and implementation of robust security configurations on Firewalls and other perimeter hardware
  
• Research and implement ways to optimize network performance. This includes looking for automation opportunities
  
• Identify long term requirements through solutions during the remediation process to be handed over to the Sales teams to pursue the opportunity
•  Identify vendor solutions to solve/improve client needs and experience and elevate those to Leadership for review/consideration
• Work with other team members to develop workflows, playbooks and best practices to be employed and repeated across regions
• Continuously manage and update documentation for network topologies, SOPs and policies ensuring compliance with industry standards and regulations
  
•  Collaborate with cross-functional teams including Leadership & Senior Leadership teams to understand the business needs and recommend network solutions that fits best
  
•  Participate in planning, designing and maintaining the OT network infrastructure of our clients                 
  
  Operational Management
  
• Assist DFIR team with imaging, data acquisition & installing agents for compromised clients on-site
  
•  Assist with the scoping of new engagements using a whole lifecycle approach, guiding the client from initial discovery through mitigation and remediation
  
•  Liase with DFIR team and Sales to keep open communication regarding compromised client
  
•  Assist DFIR team with additional workflow through incident response cases
  
•  Monitor network incidents using network monitoring tools and other systems to maintain 99.9% uptime of our network
  
•  Monitor and take ownership of network incidents using ticket management systems that requires further investigation and analysis
  
• Configure, install and maintain network hardware such as a Router, Switch, Access Points, etc. in both the IT and OT space of CyberClan clients
  
• Configure, install and maintain security firewalls and other security systems to maintain and continuously improve our clients’ security posture in the IT and OT space
  
•  Provide Level 3 network support and be an escalation contact by supporting the clients’ Service desk staffs and other team members in troubleshooting network incidents and escalations in a timely manner for both IT and OT network infrastructure
  
•  Troubleshoot network incidents by identifying and diagnosing network problems. This involves analyzing the network performance, conducting tests and pinpointing the root cause of issues.
  
•  Design, troubleshoot and maintain cloud-based firewalls in Azure, AWS, etc.
  
•  Monitor and test network performance and provide network performance statistics and reports
  
•  Perform on-site analysis, diagnosis, and resolution of complex network problems for a variety of network incidents and recommend and implement corrective hardware and software solutions. This may include travelling on-site to further resolve network issues.
  
•  Plan, schedule and perform network improvements, upgrades and apply required security patches on network hardware and software
  
•  Maintain an inventory of all network hardware and software in our asset management tools
  
•  Liaise with and provide training and support to clients’ service desk staffs on network issues
  
•  Participate in firewall policy reviews and recommend corrective actions to close any security gaps
  
•  Adhere to security policies and change management process/procedures
  
•  Provide on-call support to the business on a rotation basis
  
•  Diagnosing and resolving network-related issues (incidents and requests).
  
•  Maintaining the LAN and WAN Networks across multiple locations globally.
  
•  Managing 3rd party suppliers as required to maintain LAN / WAN services.
  
•  Responsible for day-to-day operation and support of the Network infrastructure, including Cisco (Switches, Routers), Palo Alto (Firewalls, Panorama & Prisma Access) and Meraki wireless systems. 
  
• Day-to-day operational management & support of the Velocloud / Zscaler network as well as operation and support of virtual networking elements within AWS & Azure, including routing, Firewalls and WAF.
  
• Provide Network technical support for various business and internally driven projects and workstreams, ensuring that the deliverables and milestones are met.
  
• Follow the change controls, incident management processes and policies as defined by the company.
  
• Maximize network performance by monitoring, troubleshooting problems and outages
  
  Required Skills and Experience
  
  
•  4-6 years of senior technical support or infrastructure disaster recovery
• Proficient in breach/disaster remediation including networking, hardware, and software recovery.
• Networking: Proficient with network technology such as Routers, Firewalls, Switches and Access Points. VLANs, VPNs, TCP/IP, DNS, PNs; ability to analyse network traffic and logs.
• Comfortable with network segregation and security compartmentalization techniques.
• Knowledgeable in all Windows environments, including Server and Workstation, troubleshooting, and diagnosing low-level operating systems and network issues.
• Experienced in firewall appliance security auditing and configuration.
• Ability to design and build ad-hoc environments to support every angle of client workflow while maintaining a keen awareness of a security first mindset.
• Confident with a wide range of hardware platforms including NAS, SAN, server, and networking devices.
•  In depth knowledge and experience administering hypervisors.
•  PowerShell scripting and design experience a must
•  Passion for solving customer issues and advocating for their success, in a fast paced, highly technical environment.
•  Ability to learn and support new technologies quickly.
•  Excellent relationship management, customer service and communication skills in variety of forms (written, live chat, conference calls, in-person).
• Ability to work independently with little direct supervision and as a part of a team.
• Outstanding analytical and organizational abilities.
•  Ability to remain calm, composed, and articulate when dealing with tough customer situations.                 Preferred Skills, Experience, Degrees or Certifications  
• Experience supporting hybrid cloud environments.
•  Experienced in wide range of on-premises and cloud-based backup solutions.
•  Experience supporting full range of security and remediation applications including EDR, software Firewalls and data recovery tools.

●        Exposure to implementation and maintenance of privileged access management solutions.

●        Linux troubleshooting experience a plus.

●        Experience with troubleshooting Windows, Mac and ChromeOS

●        MCP, ITIL, CompTIA, CDRE Certifications an asset

●        A passion for discovering the answer to never-before-seen complex puzzles and questions.

●        Thrives working in a high-stakes environment with constant rapidly evolving new problems.

●        A knowledge seeker always looking for the next new skill and insight.

●        Ability to think like an attacker and anticipate the next move.

Job Type

Full-time/Exempt

Location

100% Telecommuting

%of Travel Required

Up to 70%

Physical Requirements

Prolonged periods of sitting at a desk and working on a computer.

CyberClan is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status