Job Description :
Candidate will focus primarily on the analysis and implementation of firewall and proxy policy and the identification, tracking and remediation of risks related to network security infrastructure.

Essential Responsibilities:
Responsible for management/design/governance around the firewall and Proxy technology listed here: VMware NSX DFW and ESG Policy, Akamai WAF Policy, Amazon AWS Security Groups, Cisco ASA Policy, Palo Alto Firewall Policy, and BlueCoat Policy.
Analyze firewall rule policy configuration to ensure continued compliance and operational effectiveness and efficiency.
Implement security compliance strategies including:
Review and understand traffic patterns as reported by firewall logs
Evaluate and document the needs for new firewall rules
Draft proposed rules for implementation
Monitor usage of the new and existing rules to identification need for additional rule adjustments
Make recommendations on the timing of the elimination of stale rules
Work with the Network Security Lead Analyst, the business, Network and IT project teams that are proposing changes that impact Client network security controls to ensure that the teams follow defined security standards.

Support incoming security requests including:
Gain knowledge of the security posture of the organization and be able to identify and escalate to management if incoming requests appear to be non-compliant with existing standards, guidelines and/or best practices.
Develop and Implement solutions that conform to existing standards, guidelines and best practices.
Identify and evaluate, if necessary, alternative solutions weighing the risks of the solutions and make recommendations to management.
Support program strategy and operation rhythms
Assist with the internal incident response activities including the mitigation and remediation processes while documenting lessons learned
Develop and utilize metrics to track the performance and efficiency of security operations requests processes, remediation efforts, and associated technologies
Provide technical consulting on IS and IT projects as needed
Identify potential process improvement projects and serve as a change agent
Interface with fellow team members, colleagues on the security team, business partners, management, vendors, and external parties on best practices
Responsible to ensure Information Security (IS) tools and processes meet regulatory requirements
Establish and maintain business/IS relationship
Understand business objectives, priorities, drivers and technology focus areas
Ensure that expectations are met and ensure high customer satisfaction levels through established metrics against SLAs
Benchmark and implement industry best practices to mitigate potential threats to Client’s digital infrastructure and operations
Contextualize findings to Client’s specific business risks or vulnerabilities
Design SIEM/Splunk queries to provide insight into operational effectiveness and help identify risks/threats.
Support the design and implementation of procedures and controls necessary to ensure and protect the safety and security of all information systems assets, including prevention of intentional or inadvertent access, modification, disclosure, or destruction
Provide expertise and counsel to management, other organizations, and special project personnel
Support the preparation of appropriate reports and communicate status and results
Collaborate with management in developing technical directions, setting objectives, and setting realistic and challenging goals
Demonstrable ability to discuss with other IT personnel who as less network-savvy the development of a least-privilege firewall security rulebase fitting the requirements of their application, identifying access that may be excessive or not compliant with existing Company Policies, Standards, best practices and guidance.

Basic Qualifications/Requirements:
Bachelor’s degree and a minimum 2 years of work experience or Computer Science OR in in lieu of a degree, a High School Diploma/GED and minimum 4 years equivalent work experience
A minimum of 3 years of experience in Information Technology, Information Security Operations, Information Assurance, IT Auditing, or a related field, or a bachelor degree in information technology or a related field.
Minimum of 2 years’ experience working in a large, complex network environment.
Required minimum of 2 year of working knowledge of Enterprise firewall access list management and Web Proxy technology.
Must have strong verbal and written communication skills.
Strong interpersonal and critical thinking skills
Strong analytical skills

Desired Characteristics:
Working knowledge of VMware NSX Policy management and design, Akamai WAF Policy management, Amazon AWS Security Group.
Results driven, strategic, conceptual, and innovative thinker
Prior security operations experience and/or experience working with the following firewall/proxy technology: VMware NSX DFW and ESG Policy, Akamai WAF Policy, Amazon AWS Security Groups, Cisco ASA Policy, PaloAlto Firewall Policy, BlueCoat Policy.
Experience working with SIEM tools such as Splunk and ability to develop your own Splunk query.
Working understanding of routers, switches, VPNs, routing, network address translation, PAC files and DNS, and CDNs
One or more relevant security certifications (CISSP, CCNA, CCNE, CISM, etc
Experience working in a regulatory environment
Highly analytical, detail-oriented, and strong problem solving with a common sense approach to resolving problems
Expertise to clearly define complex issues despite incomplete or ambiguous information
Proficient with any scripting language such as Python, Powershell, or Rest and experience using these languages to assist in the management or automation laborious/repetitive work
Excellent consulting skills and superior ability to develop and maintain effective client relationships
Ability to work independently as well as part of a team
Expertise to clearly define complex issues despite incomplete or ambiguous information

Eligibility Requirements:
You must be 18 years or older
You must have a high school diploma or equivalent
You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the selection process