blackstone
Network Engineer, AVP - NetOps & Security
blackstone, New York, New York, us, 10261
Role:
The Network Engineer works as part of the Cybersecurity & Enterprise Technology functions to implement, improve, and support Network Security tools. This role requires a blend of network engineering expertise and proficiency in managing and optimizing network tools and infrastructure.
Responsibilities:
The candidate will be responsible for the engineering of vendor solutions at Blackstone, including Firewalls, ZTNA (Zero Trust Network Access), SWGs (Secure Web Gateways), Network Segmentation, Access Control, and Cloud Network Security (NACLs, NSGs).
Provide engineering and operational support for network security products and services, including new deployments, hardware refresh/upgrades, migrations, and feature implementation.
Improve support procedures, standardize, and document rigid processes.
Leverage infrastructure-as-code frameworks (e.g., Terraform) to provision and maintain tool configurations and infrastructure.
Analyze network traffic flow using SIEM platforms (e.g., Splunk) to optimize performance, rules, and ensure efficient network operations.
Implement traditional segmentation policies (firewalling/ACLs) and Zero Trust Network policies, including micro-segmentation.
Work closely with network architecture teams to evaluate the readiness of new features and functionalities.
Improve and implement processes for overall infrastructure management, patch, and lifecycle management.
Qualifications:
Minimum 5+ years of hands-on technical experience engineering Network Engineering, Network Security, or similar Network tools.
Experience with Zscaler ZIA & ZPA, Palo Alto Firewalls.
Preferred experience (or similar) with: Cloudgenix (SD-WAN), Cloudflare (WAF), Forescout (NAC), Tufin/Algosec (Firewall Orchestration).
Hands-on experience with public cloud providers (AWS preferred) and cloud infrastructure management.
Experience with infrastructure-as-code frameworks (e.g., Terraform Cloud).
Ability to write automation scripts and web services (Python, Bash).
Strong understanding of network protocols and information security best practices.
Experience working with git source control and CI/CD systems (GitLab CI/CD).
Good understanding of enterprise architecture, including endpoint, network, and cloud-based systems.
Experience with SIEM (Splunk) technologies, event correlations, query management, and custom detections. Experience with observability platforms (Grafana).
B.S. in Information Technology, Computer Science, or a similar technical program.
Soft Skills:
Excellent communication skills, with the ability to explain technical concepts to non-technical stakeholders and collaborate effectively with cross-functional teams.
Strong analytical, problem-solving, and excellent documentation and organization skills.
Ability to self-organize, prioritize activities independently, and manage uncertainty effectively.
Experience managing stakeholder expectations in the delivery of projects.
Adaptability and continuous learning: proactive approach to self-education and able to adjust and pivot strategies in response to new information or changing environments.
Attention to detail: able to thoroughly review configurations and policies, identifying gaps in solution designs prior to implementation.
The duties and responsibilities described here are not exhaustive and additional assignments, duties, or responsibilities may be required of this position. Assignments, duties, and responsibilities may be changed at any time, with or without notice, by Blackstone in its sole discretion.
Expected annual base salary range:
$125,000 - $185,000
Actual base salary within that range will be determined by several components including but not limited to the individual's experience, skills, qualifications and job location. For roles located outside of the US, please disregard the posted salary bands as these roles will follow a separate compensation process based on local market comparables.
Additional compensation: Base salary does not include other forms of compensation or benefits offered in connection with the advertised role.
Blackstone is committed to providing equal employment opportunities to all employees and applicants for employment without regard to race, color, creed, religion, sex, pregnancy, national origin, ancestry, citizenship status, age, marital or partnership status, sexual orientation, gender identity or expression, disability, genetic predisposition, veteran or military status, status as a victim of domestic violence, a sex offense or stalking, or any other class or status in accordance with applicable federal, state and local laws. This policy applies to all terms and conditions of employment, including but not limited to hiring, placement, promotion, termination, transfer, leave of absence, compensation, and training. All Blackstone employees, including but not limited to recruiting personnel and hiring managers, are required to abide by this policy.
#J-18808-Ljbffr
The Network Engineer works as part of the Cybersecurity & Enterprise Technology functions to implement, improve, and support Network Security tools. This role requires a blend of network engineering expertise and proficiency in managing and optimizing network tools and infrastructure.
Responsibilities:
The candidate will be responsible for the engineering of vendor solutions at Blackstone, including Firewalls, ZTNA (Zero Trust Network Access), SWGs (Secure Web Gateways), Network Segmentation, Access Control, and Cloud Network Security (NACLs, NSGs).
Provide engineering and operational support for network security products and services, including new deployments, hardware refresh/upgrades, migrations, and feature implementation.
Improve support procedures, standardize, and document rigid processes.
Leverage infrastructure-as-code frameworks (e.g., Terraform) to provision and maintain tool configurations and infrastructure.
Analyze network traffic flow using SIEM platforms (e.g., Splunk) to optimize performance, rules, and ensure efficient network operations.
Implement traditional segmentation policies (firewalling/ACLs) and Zero Trust Network policies, including micro-segmentation.
Work closely with network architecture teams to evaluate the readiness of new features and functionalities.
Improve and implement processes for overall infrastructure management, patch, and lifecycle management.
Qualifications:
Minimum 5+ years of hands-on technical experience engineering Network Engineering, Network Security, or similar Network tools.
Experience with Zscaler ZIA & ZPA, Palo Alto Firewalls.
Preferred experience (or similar) with: Cloudgenix (SD-WAN), Cloudflare (WAF), Forescout (NAC), Tufin/Algosec (Firewall Orchestration).
Hands-on experience with public cloud providers (AWS preferred) and cloud infrastructure management.
Experience with infrastructure-as-code frameworks (e.g., Terraform Cloud).
Ability to write automation scripts and web services (Python, Bash).
Strong understanding of network protocols and information security best practices.
Experience working with git source control and CI/CD systems (GitLab CI/CD).
Good understanding of enterprise architecture, including endpoint, network, and cloud-based systems.
Experience with SIEM (Splunk) technologies, event correlations, query management, and custom detections. Experience with observability platforms (Grafana).
B.S. in Information Technology, Computer Science, or a similar technical program.
Soft Skills:
Excellent communication skills, with the ability to explain technical concepts to non-technical stakeholders and collaborate effectively with cross-functional teams.
Strong analytical, problem-solving, and excellent documentation and organization skills.
Ability to self-organize, prioritize activities independently, and manage uncertainty effectively.
Experience managing stakeholder expectations in the delivery of projects.
Adaptability and continuous learning: proactive approach to self-education and able to adjust and pivot strategies in response to new information or changing environments.
Attention to detail: able to thoroughly review configurations and policies, identifying gaps in solution designs prior to implementation.
The duties and responsibilities described here are not exhaustive and additional assignments, duties, or responsibilities may be required of this position. Assignments, duties, and responsibilities may be changed at any time, with or without notice, by Blackstone in its sole discretion.
Expected annual base salary range:
$125,000 - $185,000
Actual base salary within that range will be determined by several components including but not limited to the individual's experience, skills, qualifications and job location. For roles located outside of the US, please disregard the posted salary bands as these roles will follow a separate compensation process based on local market comparables.
Additional compensation: Base salary does not include other forms of compensation or benefits offered in connection with the advertised role.
Blackstone is committed to providing equal employment opportunities to all employees and applicants for employment without regard to race, color, creed, religion, sex, pregnancy, national origin, ancestry, citizenship status, age, marital or partnership status, sexual orientation, gender identity or expression, disability, genetic predisposition, veteran or military status, status as a victim of domestic violence, a sex offense or stalking, or any other class or status in accordance with applicable federal, state and local laws. This policy applies to all terms and conditions of employment, including but not limited to hiring, placement, promotion, termination, transfer, leave of absence, compensation, and training. All Blackstone employees, including but not limited to recruiting personnel and hiring managers, are required to abide by this policy.
#J-18808-Ljbffr