What You'll Do
- Work with our Corporate, Platform Production, and Subsidiary Network Engineer teams to improve overall configuration security
- Review ACL, proxy, load balancer, and firewall changes, as well as providing insights to improving our migration to Zero Trust Network Architecture and Maco-Zoning
- Work with our Threat Detection and Response teams to improve visibility and response capabilities across the enterprise
- Own endpoint networking security,and connectivity of on-premise data centers and offices
- Work with our SWE team to create automations and services to ensure better visibility and compliance with our team's requirements
- Continue to update and push our ZTNA roadmap
- Embed and consult on partner team projects
Basic Qualifications
- 5+ years of large, scalable and resilient Network Security Engineering and Architecture experience
- 5+ years of engineering experience with Arista, Cisco, and/or Juniper Networking
- 3+ years of professional software development in Python3 and/or GoLang experience to be able to automate common tasks
- 3+ years of experience with a SD-WAN design, deployment and management
- 1+ years of experience working with any SASE/SSE endpoint protection service
- Experience working with hybrid cloud environments
- Experience working with Network Incident Security response methods, techniques, and legal requirements for collection and preservation of artifacts
- Deep understanding of Zero Trust Architecture, NIST 800-83 and NIST 800-207
- Working understanding of optical and traditional encrypted tunnel systems and protocols (ie: IPSEC, Wireguard, OpenVPN, Layer 4 SSL) as well as MacSec
- Working understanding of Regex
- Working understanding of Threat Modelling and Threat Zoning
- Working understand of PCI, GDPR, NYDFS, and CCPA
- Strong interpersonal skills for multi-functional and cross-organizational project team management
Preferred Qualifications
- Zeek, Suricata, and other Network Security Monitoring platforms experience
- ZScaler Internet Security platform experience
- OpenConfig Experience / Understanding
- Experience with Batfish Open Source Network Analyzer
- Working understanding of eBPF and XDP with module development experience and understanding of eBPF CNI’s such as Cilium
- Network Access Control (NAC) and 802.1X PEAP experience
- Wireguard and MACSEC experience
* Accommodations may be available based on religious and/or medical conditions, or as required by applicable law. To request an accommodation, please reach out to .