Job responsibilities
- Utilizes knowledge of Cisco VPN solutions, Cisco Defense Orchestrator (CDO), BGP routing, Cisco Identity Services Engine (ISE), Palo Alto SASE solutions and cloud security architectures.
- Configuring and managing Cisco ASA, Firepower, and AnyConnect VPN solutions.
- Leads configuration and management of Cisco ISE for secure VPN authentication and authorization.
- Applies technical knowledge and problem-solving methodologies to projects of moderate scope, with a focus on improving the data and systems running at scale, and ensures end to end monitoring of applications
- Resolves most nuances and determines appropriate escalation path
- Executes conventional approaches to build or break down technical problems
- Drives the daily activities supporting the standard capacity process applications
- Partners with application and infrastructure teams to identify potential capacity risks and govern remediation statuses
- Considers upstream/downstream data and systems or technical implications
- Is accountable for making significant decisions for a project consisting of multiple technologies and applications
- Adds to team culture of diversity, equity, inclusion, and respect
Required qualifications, capabilities, and skills
- Formal training or certification on network security concepts and 3+ years applied experience.
- Strong understanding of VPN protocols (IPsec, SSL/TLS), encryption, and authentication methods.
- Extensive experience with BGP configuration, management, and troubleshooting
- Familiarity with Zero Trust security models and frameworks.
- Strong knowledge of one or more infrastructure disciplines such as hardware, networking terminology, databases, storage engineering, deployment practices, integration, automation, scaling, resilience, and performance assessments
- Strong knowledge of one or more scripting languages (e.g., Scripting, Python, etc.)
- Experience with multiple cloud technologies with the ability to operate in and migrate across public and private clouds
- Drives to develop infrastructure engineering knowledge of additional domains, data fluency, and automation knowledge
Preferred qualifications, capabilities, and skills
- Experience in a multi-cloud environment, with knowledge of AWS, Azure, or Google Cloud Platform (GCP) security practices.
- Experience with network security monitoring and troubleshooting tools.
- Knowledge of cloud security principles and best practices.
- Cisco Certified Network Professional (CCNP) Security or equivalent certification.
- Palo Alto Networks Certified Network Security Engineer (PCNSE) or equivalent certification is a plus.