Senior Network Security Engineer

About the job
Job ID: MARJP00083611

Position: Senior Network Security Engineer

Location: Bethesda, MD 20814

Duration: 3 Months

Job Type: Contract

Work Type: Remote

 
 
Job Description

Strong Hands on Experience on Cisco ISE(On prem and Cloud) and Firemon tools. 
Strong Hands on Aruba Clear Pass, Cisco Meraki Solution 
Good to have Forescout NAC knowledge.

JOB SUMMARY

The Senior Network Security Engineer, Network Site Reliability Engineering (SRE) is the subject matter expert in designing and implementing the Network security strategy and platforms for the next-gen operations for all Client networks including the Property Networks, Datacenter/Cloud Networks, and Corporate Networks. 
This role will work closely and collaboratively with a matrix team of expert network architects and engineers to drive adoption of DevOps/SRE practices and operating models across all network product towers, and around globe. 
The Sr Security Engineer, brings a strong perspective that inspires change and motivates engineers to develop simple solutions to complex problems, driving the engineering and operations for network software development, automation, provisioning, performance management and tools / APIs for self-service across the globe. 
This role is accountable for establishing technical level relationships and partnering with all business disciplines, other MI teams, outsourcing vendors, and external suppliers to define and implement the Network DevOps / SRE roadmap, building and enforcing the standards defined in it. 
This position will also serve as lead to define and support service delivery and operational support standards for our Next Generation Operations, partnering with the global technology peer teams to meet service level requirements and resolve service delivery issues across the portfolio. 
Reporting to the Senior Director of Global Network DevOps/SRE, this key position is accountable to ensure overall requirements by customers and peer delivery and operations groups are met. 
Accountabilities include, but are not limited to continental IT executives, property LAN service providers (LSPs), end-user computing services delivery, hosting services, enterprise availability, server, storage, virtualization, inclusive of security/privacy, risk management, and disaster and crisis management. 
The successful candidate will provide Architecture leadership for all phases of the infrastructure lifecycle from ideation through execution, and ongoing management and support, with specific attention to identifying opportunities for proactive and reactive (self-healing) automation solutions across the network. 
(S)/He will develop and execute new initiatives to simplify, standardize, optimize, and automate the network designs, tooling, and operations to reduce implementation cycle times, eliminate service downtime, optimize performance, and ensure that all security and compliance requirements are fully governed.

Education and Experience

Required:

Undergraduate degree in an engineering or computer science discipline and/or equivalent experience/certification 
7+ years' experience in information technology including 5+ years' experience in the implementation of WAN, LAN, and datacenter networks with a focus on mission critical, customer-facing applications and services 
Strong Hands-on knowledge in installing, configuring, and troubleshooting of Cisco ISE 
Strong Hands-on knowledge in Firewall management solution like Firemon 
Extensive experience with security or security related products 
Must possess expertise in enterprise-wide design and administration of devices and policies in the security tools above 
Advanced knowledge of leveraging the orchestration APIs for developing scripts 
Help develop, document, and manage the requirements gathering process and provide detailed design and business processes to support the requirements throughout the project life cycle 
Knowledge and experience in firewalls, network management, wired and wireless network peripherals in supporting security products like Firemon and Cisco ISE 
Advanced knowledge of AAA, RADIUS and TACACS+ protocols, performing packet captures and analysis 
Experience of policy development, certificate provisioning in Firemon and Cisco ISE products a plus 
Perform network troubleshooting and upgrades. Coordinate with local teams and vendors, problem solve and restore services as needed. 
Familiarity with multiple languages, including C++, Java, Python Perl, or another programming language 
Experience implementing solutions using API Management Platforms. 
Field experience and knowledge of data networking and IP technologies including, DHCP, DNS, NAT, Remote Access VPN 
Experience with managing security tools in a hospitality industry a plus 
Must be able to collaborate and work with cross functional teams in multiple time zones 
CCIE or CCNP certifications or on the path to these certifications. CCNA is acceptable as well. 
Experience in Agile methodologies, daily stand-up meetings, sprint planning sessions and user story preparations 
Experience with firewalls and firewall management tools highly desirable 
Technical knowledge common routing protocols (e.g., OSPF, BGP), IPv6, VPN, etc. across a global distributed network 
Hands-on experience with common routing and switching platforms (Cisco, Juniper, HP/Aruba etc.) 
Hands-on experience designing, configuring, and operating high-speed campus / office / property networks 
Demonstrated experience in delivering written documents detailing network solutions and diagrams 
Knowledgeable in modern configuration management tools (Ansible, Chef, Fabric, etc.) 
Experience with Cloud Computing platforms (e.g. Amazon AWS, Microsoft Azure, Google Compute Engine) 
Technical knowledge in Load Balancing such as ELBs, NLBs, F5 BIGIP

Preferred:

Advanced Degree (e.g., MS, PhD) in Computer Science or other technical discipline or MBA, preferably with a focus on technology 
Hands-on Working knowledge of PKI, 802.1X, 802.11x, DNS, DHCP, SNMP, and VPN 
Technical knowledge in networking (Cisco and non-Cisco) with an emphasis on software-defined networks (SDN) and leveraging spine & leaf designs, load balancing, firewalls, security design (intrusion detection and prevention), DNS, NTP, Network Tools & Management 
Experience in researching emerging technologies and trends, standards, and products and synthesizing into clear technology roadmaps and strategies 
Strong knowledge of emerging tools, software, applications, and systems for attaining best-in-class IT technology across the enterprise 
Excellent problem-solving skills working independently and through leading outcomes for cross functional teams 
Excellent understanding of change management, testing requirements, techniques, and tools to ensure high availability of platforms 
Strong attention to detail with an ability to operate effectively across multiple priorities 
Ability to perform independently as a member of a team and through cross functional initiatives 
Proven track record of driving transformation in network technologies, tools, and processes through a data driven continuous improvement methodology 
Demonstrated experience in improving security, stability, reliability, performance, and agility of complex enterprise networks 
Strong technical knowledge of foundational networking technologies and solid understanding of the software defined networking (SDN) ecosystem 
Strong understanding of network infrastructure automation, instrumentation, and monitoring platforms and the emerging technologies in this area 
Proven experience leading highly effective technical teams through major technology and organizational change 
Proven experience driving operational performance through defining and enforcing Recovery Time Objective (RTO) and Recovery Point Objective (RPO) Service Level Agreements (SLAs) 
Certification in network and/or security technologies (e.g., FSCA, FSAA, FSCE, CCIE, CCNP, CISSP, etc.) 
Strong influencing skills and an ability to overcome barriers while driving change 
Excellent verbal and written communication skills for a wide range of audiences including executives, business stakeholders, and IT teams