Logo
Raymond James

Lead Network Security Engineer

Raymond James, Southfield, Michigan, United States, 48076


Description This position follows our hybrid-friendly schedule, so you get the best of both worlds flexibility and collaboration. In office days will be 2-3 per week averaging 10-12 days per month in one of the following Corporate Office locations: St. Petersburg, FL; Southfield, MI; Denver, CO Job Summary: The Lead Network Engineer is responsible for managing, designing, and improving RJs enterprise network. He or she will assist network architects with design and implementation of network technologies. This role is responsible for senior level network engineering implementation and providing guiding principles and technical leadership to peer engineers, proactively taking technology project delivery from 0 to 100% with little to no supervision. General duties include leading the buildout of solutions and driving innovation for implementation of new modern technologies in the enterprise network. Partners with management and peer engineers to drive infrastructure modernization projects to completion and provides Tier3 technical support using extensive expertise to take on work assignments the team is engaged in. Strong people skills and the ability to balance/prioritize between multiple tasks and projects are essential. This position involves routing and switching and network firewall implementation projects for both on-prem and cloud infrastructure. Essential Duties and Responsibilities: Design, improve and innovate: Primary focus is to implement recent technologies or changes to existing technologies as identified and designed by the architecture team. Researches and recommends innovative technologies and approaches for enterprise infrastructure management, upgrades, or improvements. Utilize and integrate network components such as switches, routers, firewalls, wireless AP/Controllers, SDN fabric components, load balancers, Network Access Control (NAC) servers and cloud infrastructure network elements. Proactively identify and implement network improvements to assure the performance, resiliency, and redundancy of the network. Utilizes blueprints to engineer solutions and adhere to enterprise standards (engineering focused, architecture supported). Take disaster recovery and business continuity plan aspects into consideration for any new technology implementation or change. Monitor, document and offer proactive support: Provides ad-hoc support for incidents requiring T3 level resources (engineering/architecture) and knowledge. Use Microsoft Visio to produce and maintain documentation with regards to implementation of new systems or system changes Participate in 24x7 on call rotation for SME T3 support requirements as needed. Maintains service level agreements of departmental metrics, key performance indicators and adhering to strict project timelines. Maintain/Improve security posture, promptly addressing issues, vulnerabilities, and security requirements according to regulatory guidelines (PCIDSS, PII, CIS, NIST) Lead, collaborate and coach: Work collaboratively across a variety of business units to implement new technologies. Coordinate and take lead of assigned projects in all technical and communication aspects. Lead engineering peers towards achieving common goals in assigned projects. Coach peer engineers and effectively perform knowledge transfer/cross training activities. Provide technical leadership as an SME or as part of an Information Technology (IT) project. Qualifications Knowledge, Skills, and Abilities: Required: Strong experience in network design, implementation, and documentation of medium-large scale enterprise networks (10,000 users) Strong experience using cisco enterprise technologies - CCNP Enterprise (R&S) knowledge level required 1-2 years of experience in designing, implementing and maintaining data center spine leaf fabrics (Arista/Cisco). Arista ACE L3 certification required. 1-2 years of experience with Cisco DNA Center 1-2 years of Experience with SDWAN technologies (Cisco, Palo Alto ION) Experience with Cisco Wireless technologies in a large enterprise environment (Cisco WLC, FlexConnect, CAPWAP) Desirable: Experience with designing, implementing, and maintaining Palo Alto Centrally managed firewall platforms (NGFW Pan OS, Threat Prevention, UserID, Global Protect, HA setup, Prisma Access) Administering F5 Clusters, Load balancing, SSL decryption policies, DNS Geolocation (LTM, GTM, APM, ASM/Cloud WAF). Remote Access VPN solutions (Global Protect, F5 BIG-IP Edge) Certificate management (Venafi), Cryptographic protocols and algorithms, certificate PKI. Implementing NAC solutions (Forescout/Cisco ISE) Experience with Infoblox DNS/IPAM functions. Familiarity with cloud computing principles and experience in designing secure and scalable network solutions for cloud environments. Automation/scripting experience (Python, Ansible) Network security protocols, architecture, and design principles; intrusion detection, prevention systems, secure socket layer (SSL) protocols, virtual private networks (VPNs), Network performance optimization, capacity planning and load balancing. Familiarity with the following monitoring platforms: Microsoft SevOne, SolarWinds, DataDog, Splunk)Skill in: Technical skills to oversee hardware and software systems. Problem-solving skills, such as troubleshooting network issues and developing effective solutions. Communication, convey information and ideas through a variety of media to individuals or groups in a manner that engages the audience and helps them understand and retain the message. Satisfactory level of technical and professional skill or knowledge in position-related areas; remains current with developments and trends in areas of expertise. Problem solving using effective approaches for choosing a course of action or developing appropriate solutions; recommend or take action that is consistent with available facts, constraints and probable consequences. Time management to prioritize and effectively get through project deadlines. Research, creating, writing, editing and proofreading documentation. Satisfactory level of technical and professional skill or knowledge in position-related areas; remains current with developments and trends in areas of expertise. Ability to Identify and understand issues, problems, and opportunities; compare data from various sources to draw conclusions. Use effective approaches for choosing a course of action or developing appropriate solutions; recommend or take action that is consistent with available facts, constraints, and probable consequences. Demonstrate a satisfactory level of technical and professional skill or knowledge in position-related areas. Develop and use collaborative relationships to facilitate the accomplishment of work goals. Ability and desire to effectively work as a team member in cross functional environment Effective communication with technical team members and more importantly non-technical team members. Make internal and external clients and their needs a primary focus of actions; develop and sustain productive client relationships. Occasionally work a non-standard shift including nights and/or weekends and/or have on-call responsibilities. Work in a team environment or project room to facilitate collaboration. Understand basic programming concepts, coding practices, algorithms, and data structures. Work a non-standard shift including nights and/or weekends and/or have on-call responsibilities. Performs other duties and responsibilities as assigned. Educational/Previous Experience Requirements: Typically requires a Bachelor's degree; 5 plus years of relevant experience. May have one or more technical or business-related certifications. Licenses/Certifications: Required: CCNP Enterprise (R&S), Arista ACE L3. Desirable: CCIE, PCNSE. Security and control certifications preferred (CISSP, CISM, CISA, CRISC) Travel: Travel required 10% Job: Technology Primary Location: US-FL-St. Petersburg-Saint Petersburg Other Locations: US-MI-Southfield-Southfield, US-CO-Denver-Denver Organization Technology Schedule Full-time Job Shift Day Job Travel No Req ID: 2402752