Infrastructure Engineer - Network Security

About The Position

Requirements

• Minimum education required, with specialization as appropriate: Bachelors Degree or equivalent work experience in Information Technology or Information Security
• 5+ of experience in IT or Information Security
• 3+ Years of IT Systems Management (Plan/Build/Run)
• Previous experience working in outsourced IT environments
• Ability to translate business needs into implementation plans and can articulate cost implications of options.
• Extensive knowledge & understanding of NGFWs, SSL VPN, NAC & RBAC, Privileged access (PAM) & SASE solutions.
• Vendor knowledge and past implementation of Cisco, Aruba & Fortinet.
• Extensive experience with Firewall & SSL VPN based policy management; both with direct implementation and guiding principles with ‘zero-trust’ approach.
• Strong understanding of Zero-Trust architecture and experience in either deployment and/or management of such.
• Advanced technical knowledge of Network technologies, including broad knowledge in other disciplines/technologies.
• Strong experience and knowledge with SD-WAN, IPSEC B2B VPNs, Load-balancers, and dynamic routing protocols.
• 3+ years of Firewall policy management (Deployment/Operations) for one or more of the leading NGFW companies (Palo Alto, Fortinet, Checkpoint)
• Direct experience with deployment and usage of Firewall configuration & Policy management tools, experience with Tufin a plus
• Direct experience with deployment & management of Aruba ClearPass,
• Strong experience in other Network access control (NAC) and Access management tools a plus
• Experience with managing and using automation tools such as Ansible and/or Terraform for Network CI deployments & configuration management.
• Experience with software-defined networking and tag-based deployments for policy management.
• Public cloud (Azure/AWS/Google/OCI) tags
• VMware Vcenter/NSX based tags.
• Ability to execute in and with diverse global cultures and resources.
• Ability to perform in a challenging, fast-paced technical and business environment.
• Ability to lead others through troubleshooting and resolutions.
• Proven analytical and problem-solving abilities.
• Team oriented and skilled in working in a collaborative environment; with abilities & skills to run projects solo when required.
• Thorough knowledge and ability to maneuver in a global organization.
• Strong verbal and written communication skills
• Microsoft Excel, Word, Visio, PowerPoint, and other Office 365 products skills.
• Experience in Monitoring and Telemetry tools i.e. SolarWinds NPM, Prometheus, etc.
• Experience with APIs for monitoring and configuration implementation.
• Experience with AI/ML technologies and offerings related to security, deployment & self-healing of IT infrastructure & applications.

Responsibilities

• Develop, document, communicate, and enforce a network technology standards policy which is delivers value, is manageable and scalable. Conduct analysis of security requirements and controls to identify gaps and provides recommendations of industry best practices, trends, and technology products
• Conduct research and make recommendations on network products, services, protocols, and standards in support of network procurement and digital development efforts. Lead efforts on Network infrastructure transition following ‘DevSecOps’ principles & framework in alignment with business application and related Enterprise Architectural standards
• Help build strategic plans by leveraging leading-edge scientific and technological knowledge to drive business strategies as well as enhance the value proposition of IT solutions across cost, stability and security frameworks
• Participating and enabling successful Business projects that have network security dependencies
• Executing and ensure the successful delivery of IT Network and Network security tech.
• Assist with the design and implementation of short- and long-term strategic plans to ensure network services meet existing and future business requirements.
• Works closely with other groups, including System Administrators, AppOps, Infosec, Incident response & Vulnerability management teams, to ensure corporate compliance & improvements across network infrastructure. Provide support for Infosec related project initiatives and CSIRT event responses.
• Deliver tier IV support & guidance for network service operations and net new deployments with MSPs as subject matter expert (SME) over Global Cybersecurity & Network Services’ equipment, services and/or applications. Provide quality control, SLAs, and governance over move, add, changes, and decommissions for Global Cybersecurity & Network Services’ offerings. Manage technical lifecycle for all network security services.
• Define and maintain RACI between Application L3/L4, Integration, Application Platform & Infrastructure Teams for the 27 operational disciplines
• Work with the respective Application Platform and/or Infrastructure teams for the Application to understand their planned BAU initiatives
• Assess workload impact, and scale up the team as required to support such initiatives
• Ensure Testing Quality of test scripts, test execution and sign off
• Identify, communicate & partner with Monitoring team to implement monitoring requirements for applications
• Assist with development, training and mentoring of MSP Employees
• Make recommendations and influences long term technology decisions and planning related to the service
• Maintain in-depth knowledge of company’s existing Network and Security architecture/infrastructure, and technology portfolio. Provide direct input on design and delivery of short- and long-term strategic plans to ensure network & security services meet existing and future business requirements.
• Work with L3/L4 leads to plan expected workload driven by projects and enhancements.
• Understand projects which are scheduled to begin or currently in progress, their planned Transition to Run, and its impact on the respective service disciplines
• Work with architects for the respective application to understand design changes to the application, assess the potential impact to operations support, recommended proactive measures like performance testing if needed, right-size & righ-skille the ops team, and in turn prepare for an effective transition
• Ensure orderly transition of new or modified services into production together with the necessary adaptions to the existing service disciplines to accommodate the intake
• Ensure retrospectives are performed to identify evolving needs, and iteratively update the service backlog based on those requirements.
• Encourage design thinking and hypothesis driven techniques to promote innovation for operational efficiency
• Provide frequent feedback and direction to teams regarding how well the service is meeting customer (IT functional teams) expectations
• Set a baseline and regularly measures and improves key metrics to make effective prioritization and backlog sequencing decisions and improve mean time to value
• Make key metrics visible to all to increase transparency, enable trust, and drive alignment
• Implement a continuous improvement feedback cycle striving to achieve “Green” status across all service disciplines.
• Identify Improvement opportunities and select the appropriate discipline for improvement
• Identify and verify the root cause(s)
• Plan and drive team to implement actions that correct the root cause(s)
• Provides senior level technical leadership for Network Security area.
• Responsible for a technical framework and defines new standards for given platform/technology.
• Supports the Architecture and Business programs for the discovery, evaluation, and selection of enterprise network solutions.
• Leads and participates in multiple projects/programs concurrently.
• Analyzes emerging technologies and determines how it can be used at Campbell’s.
• Responsible for innovating the platform to meet new service needs and deliver value beyond service and capacity alignment.
• Reviews new business requirements and provides subject matter expertise in the decision-making process for technology solutions for their area.
• Participates in the business engagement roadmap sessions, leveraging roadmap to define the service strategy.
• Ensures adherence to Network security standards, best practices, and access controls over responsible Infrastructure.
• Review & guidance over vulnerabilities patching cadence and feature-set enhancements for OEM vendor equipment/software.
• Reviews & approves Network related changes by MSP via ‘four-eyes’ principles.
• Participate in on-call rotation to support Tier 4 escalated Priority 1 & 2 related Network and Network Security incidents.

Benefits

• Benefits begin on day one and include medical, dental, short and long-term disability, AD&D, and life insurance (for individual, families, and domestic partners).
• Employees are eligible for our matching 401(k) plan and can enroll on the first day of employment with immediate vesting.
• Campbell’s offers unlimited sick time along with paid time off and holiday pay.
• If in WHQ – free access to the fitness center.
• Access to on-site day care (operated by Bright Horizons) and company store.
• Giving back to the communities where our employees work and live is very important to Campbell’s. Our “Campbell’s Cares” program matches employee donations and/or volunteer activity up to $1,500 annually.
• Campbell’s has a variety of Employee Resource Groups (ERGs) to support employees.