Senior Security Engineer - Network Defense

About The Position

Requirements

• 2+ years of hands-on experience with Zscaler deployments in a support role
• Proficient in deploying and managing Zscaler ZIA, ZPA, ZDX, and ZTA for large enterprises
• In-depth knowledge of Zscaler Internet Access (ZIA), Zscaler Private Access (ZPA), and Zscaler Client Connector
• Experience with App Connectors and Branch Connectors management
• Familiarity with Zscaler's cloud architecture and security services
• Thorough understanding of TCP/IP
• Excellent analytical, problem-solving, and written/oral communication skills
• Leadership, teamwork, collaboration, self-driven and effective communication skills - both written and verbal.
• 3-5+ years of IT Security Engineering experience working in an enterprise infrastructure or security architecture environment.
• Preferred experience within the network security environment.
• 3-5+ years of experience in one or more of the following security technologies: Network IDS/IPS VPN/ Remote Access NGFW WAF DDoS Protection Web Proxy/ Content Filtering Cloud Security Controls
• 3-5+ years of troubleshooting and investigating complex issues within a highly regulated and secure environment.
• Experience working with change management controls is required.
• 3-5+ years of experience working with applications enabled in the cloud and network.
• Working knowledge of various industry security standards and frameworks including: NIST, ISO 27001, ISF Standard of Good Practice (SoGP), etc.

Nice To Haves

• One or more Industry Certifications: VCP, CCIE/CCNP, CISSP, PCNSE, etc.
• Bachelor’s degree in Computer Science, Information Systems or at least 5yrs of experience in related field.
• Knowledge of modern enterprise and security architectures, their challenges, common approaches to overcome their challenges, and their inherent security strengths and weaknesses.
• Professional certifications such as: CISSP, CISA, CISM, GIAC, CGEIT, CRISC, CEH, or other relevant industry certification and/or desire to obtain such certifications.
• Experience working with tools such as Wireshark, Snort, Bro/Zeek, Burp, Nessus, Kali, Security Onion, and Metasploit.
• Experience working with both external and internal auditors to ensure compliance and accurate reporting.
• Experience with scripting languages such as Powershell, Python, VBScript, and Bash.
• Experience working within a DevOps environment is a plus.

Responsibilities

• Rapidly understand SECU Cloud and Data Center environments, becoming an expert in the implementation of security features within the infrastructure environments.
• Evaluate security related features within vendor infrastructure offerings and new security tools which improve SECU’s security responsiveness.
• Represent Containment related infrastructure changes accurately within the SECU Change Management process.
• Deliver thoroughly planned and executed changes within the environment without application impact.
• Coordinate with software developers to ensure Containment security capabilities are verified, regardless of environment.
• Champion all efforts collaboratively.
• Continuously identify, review, and recommend potential opportunities for enterprise cost-savings, service quality improvement, and operational efficiency.
• Manage security product life cycle from Network Defense roadmap to Annual Vendor Reviews.
• Assist with driving milestone planning, deployment coordination, change management, documentation, and user training of new and existing technologies.
• Ability to work and collaborate with teams outside of Security division.
• Create documentation to ensure appropriate operational process and procedures are followed in the event of business impacting incidents or issues.
• Ability to identify and fully automate processes, when possible
• Serve as a Security Engineering subject matter expert that can lead projects and initiatives.
• Serve as a tier III resource for security related issues or outages.
• Needs minimal to zero supervision to complete tasks and projects.
• Provide support for security related issues on 24 hours a day, seven days a week, 365 days a year basis