Network Security Engineer

About The Position

Requirements

• Bachelor’s degree, or combined experience and education as a substitute.
• Minimum of 4 years of relevant experience.
• Experience with Border Gateway Protocol (BGP) and network security technologies including intrusion detection and prevention systems, proxies, firewalls, packet capture, and data loss prevention (DLP) solutions.
• Experience designing and implementing security controls within public cloud environments, such as AWS and/or Azure, including support for hybrid architectures.
• Experience deploying and troubleshooting certificate-based security solutions and public key infrastructure (PKI), including 802.1X authentication, SSL decryption/offloading, and related technologies.
• Experience designing, deploying, and supporting web proxy and content filtering solutions to enforce security policies and support data loss prevention initiatives.
• Demonstrated experience performing packet and flow analysis using a variety of tools, including in-line taps, firewall and IPS appliances, network routers, and host-based tools.
• Experience working with network access control (NAC) platforms, writing shell scripts using Python and/or Bash, and leveraging infrastructure monitoring and alerting tools.
• Experience designing, implementing, and supporting firewall and intrusion prevention system (IPS) architectures in enterprise environments.
• Proven ability to work effectively in project-based environments, collaborating and communicating with individuals and teams across diverse technical and non-technical organizations.
• Ability to generate technical reports, create presentations, and present findings and recommendations to appropriate stakeholders.
• Ability to contribute subject matter expertise to design discussions and support the development and implementation of secure, scalable network solutions.
• Bachelor’s degree, or vocational training in a relevant field such as computer science, computer engineering, etc., or equivalent combination of education, training, experience.
• Two years of experience in information technology, network engineering, or network security.
• One of the following certifications: CCNA Security, CCNP Security, Fortinet NSE 4, OSCP, CISSP, CEH, or equivalent relevant experience.
• Experience with border gateway protocol (BGP), intrusion detection, proxies, firewalls, packet capture, and/or data loss prevention (DLP).
• Experience designing and implementing security measures within public cloud environments, such as AWS or Azure.
• Experience troubleshooting and deploying solutions involving certificates and public key infrastructures such as 802.1X or SSL decryption and offloading.
• Experience designing and deploying web proxy and content filtering solutions for DLP.
• Experience performing packet and flow analysis across a variety of toolsets such as in-line taps, firewall/IPS appliances, network routers, and hosts.
• Ability to contribute expertise to design discussions and support the development of network solutions.
• Experience writing shell scripts using Python or Bash.
• Experience using infrastructure monitoring tools.
• Experience working with network access control platforms.
• Experience designing and working with firewall and intrusion prevention systems.
• Ability to support the creation of presentation materials, generate reports, and assist in presenting to appropriate stakeholders.
• Experience working in project-based environments.
• Ability to collaborate across an organization and effectively communicate with others.

Nice To Haves

• Experience in IT and/or network engineering roles within enterprise or large-scale environments.
• Hands-on experience designing, implementing, and supporting firewalls, intrusion prevention systems, and infrastructure monitoring tools, with specific preference for Fortinet technologies and SolarWinds.
• Experience working with HPE ClearPass or similar network access control platforms.

Responsibilities

• Design, implement, and maintain network security solutions that protect infrastructure from internal and external threats.
• Evaluate, deploy, and manage firewalls, intrusion prevention systems, web proxies, and data loss prevention technologies.
• Troubleshoot and resolve complex network security issues, partnering with campus departments and ITS stakeholders.
• Perform packet and flow analysis using industry-standard tools to identify risks and improve visibility.
• Support public cloud security architectures (AWS, Azure) and hybrid environments.
• Monitor, upgrade, and patch network security systems using leading-edge practices and tools.
• Contribute to incident response efforts, risk assessments, and operational improvements.
• Develop and maintain clear technical documentation and present findings and recommendations to stakeholders.

Benefits

• USC provides benefits-eligible employees with a broad range of benefits and perks to help protect their and their dependents’ health, wealth, and future. These benefits are available as part of the overall compensation and total rewards package.