University of Southern California
Network Security Engineer
University of Southern California, Los Angeles, California, United States, 90079
Network Security EngineerThe University of Southern California's (USC's) Information Technology Services is seeking a talented
Network Security Engineer
with an exceptional commitment to service excellence to join its team. As the Network Security Engineer, you will be an integral member of the Firewall Services team, collaborating with diverse and talented team members to help solve multidimensional information technology problems, improve customer experience, and generate value for our campus stakeholders across a broad base of departments and constituencies.The
Network Security Engineer
will be tasked with supporting/assisting with tickets related to Firewalls, VPN Connectivity, Load Balancer Environments, Cloud engineering/guidance, and DNS requests.These support requests include everything from the registration of computers on the wired network to the need for more extensive support for building out new and secure environments for researchers in the data centers and on campus.Minimum Qualifications:Bachelor's degree in computer science, Computer Information Systems, related fields, or equivalent combination of education, training, and experience.Experience with Border Gateway Protocol (BGP), intrusion detection, proxies, firewalls, packet capture, and/or data loss prevention.Experience designing and implementing security measures within public cloud environments (e.g., AWS, Azure).Experience troubleshooting and deploying solutions involving certificates and public key infrastructures (802.1X or SSL decryption and offloading), and designing and deploying web proxy and content filtering solutions for data loss prevention.Experience performing packet and flow analysis with various toolsets including in-line taps, firewall/IPS appliances, network routers and hosts.Experience working with network access control platforms, writing shell scripts using Python or Bash, and using infrastructure monitoring tools.Experience designing and working with firewall and intrusion prevention systems.Experience working in project-based environments, able to effectively collaborate and communicate with individuals and teams across an organization.Ability to generate reports, create presentations, and present to appropriate stakeholders.Ability to contribute expertise to design discussions and support the development of network solutions.Demonstrate a strong commitment to USC's Unifying Values of integrity, excellence, diversity, equity and inclusion, well-being, open communication, and accountability.Preferred Qualifications:Bachelor's degree in a relevant field such as computer science, computer engineering, etc.More than four years of experience in information technology, network engineering, or network security.Experience designing and working with firewall and intrusion prevention systems with a focus on Fortinet and Palo Alto security platforms.Experience working with WAF and CDN providers.Experience working with Palo Alto & Fortinet security platforms to design firewalls and monitor intrusions.Experience working with Cisco VPN Solutions for Remote Access.CCIE Security, CCNA Security, CCNP Security, Fortinet NSE4, OSCP, CISSP, and/or CEH certifications.THE WORK YOU WILL DOThe
Network Security Engineer
supports planning, design, optimization, implementation, audit, and troubleshooting of network security systems, improving the overall posture of the university and its assets. Collaborates with other teams, including security operations, governance, and system administrators, to successfully design and deploy required solutions to harden university platforms.Job Accountabilities:Works collaboratively with key stakeholders within ITS and with other campus departments to deliver highly reliable and secure network services. Creates and maintains detailed written documentation. Shares experiences and subject matter expertise with other ITS staff through written and oral presentations. Provides timely communications to stakeholders, technical staff, and management as required. Communicates and reports network security incidents and issues to university and ITS leaders.Develops and implements solutions to protect the network infrastructure from external and internal threats. Ensures compliance with statutory and regulatory requirements regarding information access, security, and privacy. Plans and executes system upgrades, bug fixes, and other changes using service management software and methodologies.Actively engages with customers to resolve network issues. Acts as a consultant to campus departments to determine the suitability and capability of devices to connect to the campus network. Aligns activities to approved security policies.Properly secures university data by evaluating, recommending, and performing new firewall implementations, configuration changes, and other projects and solutions, including those requiring security operational support. Leverages the latest industry knowledge to identify opportunities for innovation and continuous improvement.Maintains network security systems, leveraging existing tools and leading-edge practices (e.g., upgrading and applying software updates and patches to network devices). Reviews and monitors security appliances, and enacts changes based on operational requirements. Builds network security infrastructures and responds to network-related incidents in a timely fashion. Configures and maintains network equipment and monitoring tools. Tests systems for software and hardware weaknesses and assists incident response for breaches and intrusions.Actively participates in the identification of operational opportunities and gaps. Recommends and implements solutions that solve security challenges while meeting business objectives.Aids the cultivation of an inclusive environment and a culture of trust and transparency, sharing information broadly, openly, and deliberately. Builds and maintains collaborative relationships with diverse team members, peers, and leaders. Actively embodies ITS values and behaviors (e.g., accountability, ethics, best-in-class customer service).Collaborates with team members and management, implementing effective network security solutions to support the network engineering team's vision. Maintains currency with new and emerging technology, standards, and best practices. Supports process improvement efforts within the team and across the ITS organization.THE TEAMITS has embarked on a major digital transformation initiative to continually improve services for faculty, staff, and students in support of USC's ascent as a leading institution of higher education. The ITS vision aligns strategy, business, and services, affirms ITS cultural values, empowers cross-functional teamwork, embraces world-class best practices, and promotes innovation, excellence, agility, and efficiency.ITS CULTUREUSC's ITS organization represents a diverse and talented team committed to supporting a collaborative culture and delivering secure and innovative IT services, core to the mission of USC. ITS values accountability, excellence, and commitment to exceptional customer experience.ABOUT USCUSC is the leading private research university in Los Angeles-a global center for arts, technology, and international business. With more than 47,500 students, we are located primarily in Los Angeles and various US and global satellite locations. As the largest private employer in Los Angeles, responsible for $8 billion annually in economic activity in the region, we offer the opportunity to work in a dynamic and diverse environment in careers that span a broad spectrum of talents and skills.Join the USC ITS team and work as a trusted partner in shaping an environment of innovation and excellence.This position's annual base salary range is $130,000 - $135,000. When extending an offer of employment, the University of Southern California considers factors such as (but not limited to) the position's scope and responsibilities, the candidate's work experience, education/training, key skills, internal peer equity, federal, state, and local laws, contractual stipulations, grant funding, and external market and organizational considerations.Minimum Education: Bachelor's degreeCombined experience/education as substitute for minimum educationMinimum Work Experience: 4 yearsCombined experience/education as substitute for minimum work experienceMinimum Field of Expertise:Experience with Border Gateway Protocol (BGP), intrusion detection, proxies, firewalls, packet capture, and/or data loss prevention. Experience designing and implementing security measures within public cloud environments (e.g., AWS, Azure). Experience troubleshooting and deploying solutions involving certificates and public key infrastructures (802.1X or SSL decryption and offloading), and designing and deploying web proxy and content filtering solutions for data loss prevention. Experience performing packet and flow analysis with various toolsets including in-line taps, firewall/IPS appliances, network routers and hosts. Experience working with network access control platforms, writing shell scripts using Python or Bash, and using infrastructure monitoring tools. Experience designing and working with firewall and intrusion prevention systems. Experience working in project-based environments, able to effectively collaborate and communicate with individuals and teams across an organization. Ability to generate reports, create presentations, and present to appropriate stakeholders. Ability to contribute expertise to design discussions and support the development of network solutions.
#J-18808-Ljbffr
Network Security Engineer
with an exceptional commitment to service excellence to join its team. As the Network Security Engineer, you will be an integral member of the Firewall Services team, collaborating with diverse and talented team members to help solve multidimensional information technology problems, improve customer experience, and generate value for our campus stakeholders across a broad base of departments and constituencies.The
Network Security Engineer
will be tasked with supporting/assisting with tickets related to Firewalls, VPN Connectivity, Load Balancer Environments, Cloud engineering/guidance, and DNS requests.These support requests include everything from the registration of computers on the wired network to the need for more extensive support for building out new and secure environments for researchers in the data centers and on campus.Minimum Qualifications:Bachelor's degree in computer science, Computer Information Systems, related fields, or equivalent combination of education, training, and experience.Experience with Border Gateway Protocol (BGP), intrusion detection, proxies, firewalls, packet capture, and/or data loss prevention.Experience designing and implementing security measures within public cloud environments (e.g., AWS, Azure).Experience troubleshooting and deploying solutions involving certificates and public key infrastructures (802.1X or SSL decryption and offloading), and designing and deploying web proxy and content filtering solutions for data loss prevention.Experience performing packet and flow analysis with various toolsets including in-line taps, firewall/IPS appliances, network routers and hosts.Experience working with network access control platforms, writing shell scripts using Python or Bash, and using infrastructure monitoring tools.Experience designing and working with firewall and intrusion prevention systems.Experience working in project-based environments, able to effectively collaborate and communicate with individuals and teams across an organization.Ability to generate reports, create presentations, and present to appropriate stakeholders.Ability to contribute expertise to design discussions and support the development of network solutions.Demonstrate a strong commitment to USC's Unifying Values of integrity, excellence, diversity, equity and inclusion, well-being, open communication, and accountability.Preferred Qualifications:Bachelor's degree in a relevant field such as computer science, computer engineering, etc.More than four years of experience in information technology, network engineering, or network security.Experience designing and working with firewall and intrusion prevention systems with a focus on Fortinet and Palo Alto security platforms.Experience working with WAF and CDN providers.Experience working with Palo Alto & Fortinet security platforms to design firewalls and monitor intrusions.Experience working with Cisco VPN Solutions for Remote Access.CCIE Security, CCNA Security, CCNP Security, Fortinet NSE4, OSCP, CISSP, and/or CEH certifications.THE WORK YOU WILL DOThe
Network Security Engineer
supports planning, design, optimization, implementation, audit, and troubleshooting of network security systems, improving the overall posture of the university and its assets. Collaborates with other teams, including security operations, governance, and system administrators, to successfully design and deploy required solutions to harden university platforms.Job Accountabilities:Works collaboratively with key stakeholders within ITS and with other campus departments to deliver highly reliable and secure network services. Creates and maintains detailed written documentation. Shares experiences and subject matter expertise with other ITS staff through written and oral presentations. Provides timely communications to stakeholders, technical staff, and management as required. Communicates and reports network security incidents and issues to university and ITS leaders.Develops and implements solutions to protect the network infrastructure from external and internal threats. Ensures compliance with statutory and regulatory requirements regarding information access, security, and privacy. Plans and executes system upgrades, bug fixes, and other changes using service management software and methodologies.Actively engages with customers to resolve network issues. Acts as a consultant to campus departments to determine the suitability and capability of devices to connect to the campus network. Aligns activities to approved security policies.Properly secures university data by evaluating, recommending, and performing new firewall implementations, configuration changes, and other projects and solutions, including those requiring security operational support. Leverages the latest industry knowledge to identify opportunities for innovation and continuous improvement.Maintains network security systems, leveraging existing tools and leading-edge practices (e.g., upgrading and applying software updates and patches to network devices). Reviews and monitors security appliances, and enacts changes based on operational requirements. Builds network security infrastructures and responds to network-related incidents in a timely fashion. Configures and maintains network equipment and monitoring tools. Tests systems for software and hardware weaknesses and assists incident response for breaches and intrusions.Actively participates in the identification of operational opportunities and gaps. Recommends and implements solutions that solve security challenges while meeting business objectives.Aids the cultivation of an inclusive environment and a culture of trust and transparency, sharing information broadly, openly, and deliberately. Builds and maintains collaborative relationships with diverse team members, peers, and leaders. Actively embodies ITS values and behaviors (e.g., accountability, ethics, best-in-class customer service).Collaborates with team members and management, implementing effective network security solutions to support the network engineering team's vision. Maintains currency with new and emerging technology, standards, and best practices. Supports process improvement efforts within the team and across the ITS organization.THE TEAMITS has embarked on a major digital transformation initiative to continually improve services for faculty, staff, and students in support of USC's ascent as a leading institution of higher education. The ITS vision aligns strategy, business, and services, affirms ITS cultural values, empowers cross-functional teamwork, embraces world-class best practices, and promotes innovation, excellence, agility, and efficiency.ITS CULTUREUSC's ITS organization represents a diverse and talented team committed to supporting a collaborative culture and delivering secure and innovative IT services, core to the mission of USC. ITS values accountability, excellence, and commitment to exceptional customer experience.ABOUT USCUSC is the leading private research university in Los Angeles-a global center for arts, technology, and international business. With more than 47,500 students, we are located primarily in Los Angeles and various US and global satellite locations. As the largest private employer in Los Angeles, responsible for $8 billion annually in economic activity in the region, we offer the opportunity to work in a dynamic and diverse environment in careers that span a broad spectrum of talents and skills.Join the USC ITS team and work as a trusted partner in shaping an environment of innovation and excellence.This position's annual base salary range is $130,000 - $135,000. When extending an offer of employment, the University of Southern California considers factors such as (but not limited to) the position's scope and responsibilities, the candidate's work experience, education/training, key skills, internal peer equity, federal, state, and local laws, contractual stipulations, grant funding, and external market and organizational considerations.Minimum Education: Bachelor's degreeCombined experience/education as substitute for minimum educationMinimum Work Experience: 4 yearsCombined experience/education as substitute for minimum work experienceMinimum Field of Expertise:Experience with Border Gateway Protocol (BGP), intrusion detection, proxies, firewalls, packet capture, and/or data loss prevention. Experience designing and implementing security measures within public cloud environments (e.g., AWS, Azure). Experience troubleshooting and deploying solutions involving certificates and public key infrastructures (802.1X or SSL decryption and offloading), and designing and deploying web proxy and content filtering solutions for data loss prevention. Experience performing packet and flow analysis with various toolsets including in-line taps, firewall/IPS appliances, network routers and hosts. Experience working with network access control platforms, writing shell scripts using Python or Bash, and using infrastructure monitoring tools. Experience designing and working with firewall and intrusion prevention systems. Experience working in project-based environments, able to effectively collaborate and communicate with individuals and teams across an organization. Ability to generate reports, create presentations, and present to appropriate stakeholders. Ability to contribute expertise to design discussions and support the development of network solutions.
#J-18808-Ljbffr