eTeam
Network Security Engineer III
eTeam, United, Pennsylvania, us, 15689
POSITION TITLE: Security Operations Engineer - Network and Perimeter SecurityLocation: RemoteDuration: 1 Year
FUNCTION: Information TechnologyWHAT YOU WILL BE DOING:As a Network Security Engineer III, you will play a pivotal role in our organization's cybersecurity efforts. You will be responsible for leading and executing complex cybersecurity operations and incident response initiatives to safeguard our systems and networks against advanced threats. Working closely with cross-functional teams, you will provide expert-level guidance to junior analysts and other teams within the organization.
PRIMARY DUTIES AND RESPONSIBILITIES:• Review proposed change requests to rules or policies for firewalls, router access control lists, IPS, and proxies.• Perform regular reviews or audits of deployed rulesets to identify drift from baseline.• Serves as primary point-of-contact in reviewing threats and vulnerabilities and ensuring servers and firewalls are properly configured and managed.• Monitor and address security incidents, implementing measures to enhance incident response and resolve security issues.• Perform regular reviews or audits of deployed rulesets to identify drift from baseline.• Review proposed change requests to rules or policies for firewalls, router access control lists, IPS, and proxies.• Perform triage of potential security incidents in accordance with the SOC (Security Operations Center) case handling procedures, alert handling procedures, and customer-specific procedures.• Mentor and provide guidance to junior network security engineers.• Perform continuous improvements on services by identifying and correcting problems and gaps in knowledge and document materials.• Participate in on-call rotation (including weekends) to ensure continuous operations.
EXPERIENCE, SKILLS AND EDUCATIONAL REQUIREMENTS:Must have:• Degree in Cybersecurity, Network Engineering, Computer Science, Information Systems or other related field, or equivalent work experience• 5-7 years of combined IT and Network security work experience with a broad range of exposure to cybersecurity functions.• Profound knowledge of network security principles and best practices.• nalyze network communication flows (based on WireShark traces or Firewall loggings)• In-depth knowledge of network protocols (TCP/IP, LAN/WAN, Routing, HTTP, DNS, SMTP)• Hands-on extensive experience and proficiency performing network security investigations with the following security tool categories: (Firewalls, Network IDS/IPS Solutions, Switch/Router ACLs, Network Access Control solutions, Proxy Servers and Secure Web Gateway, SIEM, EDR, Email Security Gateway, SOAR, Anti-virus).• Deep understanding of cyber security industry frameworks (e.g. MITRE ATT&CK, D3FEND, NIST, Cyber Killschain, etc.)• Excellent written communication skills, with a focus on translating technically complex issues into simple, easy-to-understand concepts in English• Experience in leading major incident breach response activities.• bility to develop new, and follow existing operating procedures and runbooks• Highly skilled in technical incident report writing and maintenance of document and evidence repositories• CCNA, CCDA, CCNP, or Network+ certification required.
Nice to have:• Fluency in other languages i.e. Turkish; Spanish; French; Lithuanian.• Security certification (i.e. Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), GIAC Certified Incident Handler (GCIH) or equivalent• Expertise in one or more of the following functional areas: Digital Forensics, Threat Hunting• Experience in developing network security tabletop scenarios• Experience in Python, PowerShell, Bash or any other scripting languages• Prior experience in developing detection rules and SOAR playbooks
FUNCTION: Information TechnologyWHAT YOU WILL BE DOING:As a Network Security Engineer III, you will play a pivotal role in our organization's cybersecurity efforts. You will be responsible for leading and executing complex cybersecurity operations and incident response initiatives to safeguard our systems and networks against advanced threats. Working closely with cross-functional teams, you will provide expert-level guidance to junior analysts and other teams within the organization.
PRIMARY DUTIES AND RESPONSIBILITIES:• Review proposed change requests to rules or policies for firewalls, router access control lists, IPS, and proxies.• Perform regular reviews or audits of deployed rulesets to identify drift from baseline.• Serves as primary point-of-contact in reviewing threats and vulnerabilities and ensuring servers and firewalls are properly configured and managed.• Monitor and address security incidents, implementing measures to enhance incident response and resolve security issues.• Perform regular reviews or audits of deployed rulesets to identify drift from baseline.• Review proposed change requests to rules or policies for firewalls, router access control lists, IPS, and proxies.• Perform triage of potential security incidents in accordance with the SOC (Security Operations Center) case handling procedures, alert handling procedures, and customer-specific procedures.• Mentor and provide guidance to junior network security engineers.• Perform continuous improvements on services by identifying and correcting problems and gaps in knowledge and document materials.• Participate in on-call rotation (including weekends) to ensure continuous operations.
EXPERIENCE, SKILLS AND EDUCATIONAL REQUIREMENTS:Must have:• Degree in Cybersecurity, Network Engineering, Computer Science, Information Systems or other related field, or equivalent work experience• 5-7 years of combined IT and Network security work experience with a broad range of exposure to cybersecurity functions.• Profound knowledge of network security principles and best practices.• nalyze network communication flows (based on WireShark traces or Firewall loggings)• In-depth knowledge of network protocols (TCP/IP, LAN/WAN, Routing, HTTP, DNS, SMTP)• Hands-on extensive experience and proficiency performing network security investigations with the following security tool categories: (Firewalls, Network IDS/IPS Solutions, Switch/Router ACLs, Network Access Control solutions, Proxy Servers and Secure Web Gateway, SIEM, EDR, Email Security Gateway, SOAR, Anti-virus).• Deep understanding of cyber security industry frameworks (e.g. MITRE ATT&CK, D3FEND, NIST, Cyber Killschain, etc.)• Excellent written communication skills, with a focus on translating technically complex issues into simple, easy-to-understand concepts in English• Experience in leading major incident breach response activities.• bility to develop new, and follow existing operating procedures and runbooks• Highly skilled in technical incident report writing and maintenance of document and evidence repositories• CCNA, CCDA, CCNP, or Network+ certification required.
Nice to have:• Fluency in other languages i.e. Turkish; Spanish; French; Lithuanian.• Security certification (i.e. Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), GIAC Certified Incident Handler (GCIH) or equivalent• Expertise in one or more of the following functional areas: Digital Forensics, Threat Hunting• Experience in developing network security tabletop scenarios• Experience in Python, PowerShell, Bash or any other scripting languages• Prior experience in developing detection rules and SOAR playbooks