Job Description :
Job Description for Network Security Engineer- VPN Work-Experience: 4-6 Years of total IT experience with significant experience in managing group of professional to deliver IT Security services for client based environment. Type of Experience: Candidate must be good with Palo Alto, Cisco firewalls and Multi-Domain Security Management Expertise in Site-to-Site VPN for all platform- Cisco ASA, Firepower, Palo Alto, VPN Concentrator, etc. Experience should include security policy development, security education, Network Penetration testing, Application vulnerability assessments, risk analysis and compliance testing. Knowledge of IT Security technologies, Operating Systems, Database, routing and switching, and endpoint security solutions Knowledge of information security standards (e.g., ISO 17799/27002), rules and regulations related to information security and data confidentially (e.g., FERPA) and desktop, server, Application, database, Network security principals for risk identification and analysis. Exposed to best practice design & Implementation methodology Identifies ,isolates and resolves network security problems Experience with Problem and Change Management processes and applications. Excellent written and verbal communication skills. Technical Certification are advantage Excellent leadership skills and teamwork skills. Results oriented, high energy, self-motivated. Palo Alto policy management (making changes to the ACLs, Objects, policies) ASA policy management (making changes to the ACLs, Objects, policies) Exposure to Palo Alto & Cisco Firewall products. Certifications Certifications in IT Security will be preferred (CISCO CCIE security) Certification like CISSP will be an added advantage Areas of Responsibility Validating the initial request and finding the basic information(ex: IP Addresses, Port number, Application owners, contact details) Scheduling call for gathering Peer IP, NAT IP, Real IP (IP involved in the encryption domain), Protocols and Service Port information for building tunnel Filling up the information / details received on the VPN form and collecting the BAA / other standard security documents (if needed) Coordinating with Network operations team related to routing the NAT IP, vendor end IP/s which are involved in the tunnel. Preparing the scripts/config to building the tunnel. Raising CRQ and following up of approvals from change managers, Perimeter Governance team, Site leadership, Application Owners and Change Management team Implementing the tunnel change on the firewall along with Network data team for routing the vendor NAT IPS on CSH side. Scheduling call with vendor and requester for troubleshooting the connectivity related issues between the tunnel peers. Involving CSH and vendor side Application team, Server team along with vendor end technical person (Network / Security Hypercare support, validation calls & Closure