Logo
Omni Inclusive

Omni Inclusive is hiring: Network Security Engineer in Phoenix

Omni Inclusive, Phoenix, AZ, United States


Work-Experience: 4-6 Years of total IT experience with significant experience in managing a group of professionals to deliver IT Security services for client-based environments. Type of Experience: Administer and support F5 appliances throughout the organization. Configure and support application security policies via the F5 ASM and APM security modules would be an added advantage. Creating implementation plans, LTM, GTM, and ASM configurations, TMOS code upgrades, and deployment of new load balancing builds for F5 load balancing technologies. Requesting and installing PKI server certificates. Experience writing and troubleshooting iRules. Knowledge of http protocol versions, headers, methods, and status codes. Excellent understanding of LTM configuration (VIPs, Persistence, SNAT, SSL, etc.). Ability to troubleshoot connection issues and services on F5 appliances. F5 Traffic Management Operating system, CLI commands, and Route Domains. Candidate must be good with Palo Alto, Cisco firewalls and Multi-Domain Security Management Expertise in Site-to-Site VPN for all platform- Cisco ASA, Firepower, Palo Alto, VPN Concentrator, etc. Experience should include security policy development, security education, Network Penetration testing, Application vulnerability assessments, risk analysis and compliance testing. Knowledge of IT Security technologies, Operating Systems, Database, routing and switching, and endpoint security solutions Knowledge of information security standards (e.g., ISO 17799/27002), rules and regulations related to information security and data confidentially (e.g., FERPA) and desktop, server, Application, database, Network security principals for risk identification and analysis. Exposed to best practice design & Implementation methodology Identifies, isolates and resolves network security problems Experience with Problem and Change Management processes and applications. Excellent written and verbal communication skills. Technical Certification are advantage Excellent leadership skills and teamwork skills. Results-oriented, high energy, self-motivated. Palo Alto policy management (making changes to the ACLs, Objects, policies) ASA policy management (making changes to the ACLs, Objects, policies) Exposure to Palo Alto & Cisco Firewall products. Certifications Certifications in IT Security will be preferred (CISCO CCIE security) F5 Certified Big-IP Administrator (F5-CA) will be an added advantage. Certification like CISSP will be an added advantage. Areas of Responsibility Validating the initial request and finding the basic information (ex: IP Addresses, Port number, Application owners, contact details) Knowledge of troubleshooting tools, such as: tcpdump, ssldump, openssl, QKView, logs, curl, Wireshark. F5 OS upgrades, backup and restores. Managing F5 appliances in HA configurations. Scheduling call for gathering Peer IP, NAT IP, Real IP (IP involved in the encryption domain), Protocols and Service Port information for building tunnel. Filling up the information / details received on the VPN form and collecting the BAA / other standard security documents (if needed) Coordinating with Network operations team related to routing the NAT IP, vendor end IP/s which are involved in the tunnel. Preparing the scripts/config to building the tunnel. Raising CRQ and following up of approvals from change managers, Perimeter Governance team, Site leadership, Application Owners and the Change Management team Implementing the tunnel change on the firewall along with the Network data team for routing the vendor NAT IPS on CSH side. Scheduling call with vendor and requester for troubleshooting the connectivity-related issues between the tunnel peers. Involving CSH and vendor side Application team, Server team along with vendor end technical person (Network / Security). Hypercare support, validation calls & Closure