SysMind Tech
Network Security Engineer
SysMind Tech, Jacksonville, Florida, United States, 32290
Firewall Replacements End of Life hardware.•Verification of Bill of Material, receive/Inspect/Burn-in the newly received hardware•Identify power requirement, cabling and space requirements for the hardware•Create a low level design documentation, including host names as per Naming Convention Deployment Guide Lines (DGL), Interfaces Mapping,•Review Networker and iServer for the End of Life (EOL) devices to be replaced•Review Switches and Routers for port availability and check routing configuration, etc. (consult with GNS Engineering)•Develop a Cable Patch schedule for the Firewall Cluster•Create and Prepare NetAppls entries•Review Console cabling setup for the new devices•Create Service Now Request to Rack/Stack and cable devices•Verify Console Access of the newly installed devices•Check the OS version of the new Firewalls.•Build the Firewalls with the proper OS as per DGL.•Create the base configuration for the Firewalls•Create Service Now Change request couple of weeks in advance to provide application owners time to support pre & post testing•Attend CAB Meetings to support Changes by Local DB Party•Finalize pre-prod configuration of the firewalls.•Bring the firewalls into pre-production status•Cutover the new Firewall Cluster as per DGL•Install the Firewall Policies on the new Firewall Cluster•Perform failover & stability tests of the new setup•Wipe clean configuration from old devices and remove from datacenter•OS (Operating system) upgrades•Co-ordinate with PM on all activities related to OS upgrade and Testing•Co-ordinate with Application Owner to perform Pre and Post Testing•Create Service Now Requests to upgrade the Firewall OS from R80.40 to R81.20 or any new version as dictated by Engineering and agreed by PM using the CDT tool•Attend CAB Meeting to ensure changes are approved•Contact Application Owners to perform pre and post testing•Perform the cut over and upgrade the Firewall OS•All firewall changes must comply with DB 4-eyes process and be accepted by engineering.•Sign off from Network Operations and clients must be obtained before closing change, where applicable.
GDC support of daily firewall deployment tasks•Work on ACR Help Requests to assist global clients•Work on Work Requests•Prepare firewall changes as per ACR•Perform ULL change requests•Installing firewall policies•Troubleshooting calls with clients•Perform CVC checks on changes and escalate as necessary•Weekend emergency support
Must Have:
Experience working in a corporate global network environment with an emphasis on Network Security
Excellent communication skills both written and verbal
Awareness of change practice procedures and compliance/adherence
Able to work/collaborate as a member of a team or individually
Ability to work in a pressurised time critical environment
Exhibit a high degree of integrity
Self-starter and disciplined in your approach to work
Firewall-1/VPN-1 up to and including vR81
CCSA certified
Provider-1 Smart Domain Manager
Check Point/Cisco/Juniper solution provision
Check Point/Cisco/Juniper troubleshooting
Check Point management server configuration and support
Proxy platform troubleshooting including McAfee and Bluecoat
McAfee, NSM experience
Nice to Have:
CCSE Certified
Cisco Certified - CCNP (Network or Security)
ITIL v3 Foundation certified
Project management awareness
Awareness or experience of finance industry related privacy or regulatory procedures and standards"
GDC support of daily firewall deployment tasks•Work on ACR Help Requests to assist global clients•Work on Work Requests•Prepare firewall changes as per ACR•Perform ULL change requests•Installing firewall policies•Troubleshooting calls with clients•Perform CVC checks on changes and escalate as necessary•Weekend emergency support
Must Have:
Experience working in a corporate global network environment with an emphasis on Network Security
Excellent communication skills both written and verbal
Awareness of change practice procedures and compliance/adherence
Able to work/collaborate as a member of a team or individually
Ability to work in a pressurised time critical environment
Exhibit a high degree of integrity
Self-starter and disciplined in your approach to work
Firewall-1/VPN-1 up to and including vR81
CCSA certified
Provider-1 Smart Domain Manager
Check Point/Cisco/Juniper solution provision
Check Point/Cisco/Juniper troubleshooting
Check Point management server configuration and support
Proxy platform troubleshooting including McAfee and Bluecoat
McAfee, NSM experience
Nice to Have:
CCSE Certified
Cisco Certified - CCNP (Network or Security)
ITIL v3 Foundation certified
Project management awareness
Awareness or experience of finance industry related privacy or regulatory procedures and standards"