Network Security Lead Technician
Req ID 106987
Location: Charlotte, NC.
For individuals not local to Charlotte area, we may be able to offer some sign-on or relocation assistance.
Cyber-security is a highly dynamic field, requiring ongoing education and exploration. We develop each other by keeping employees current on the latest skill sets through classes, certifications, and conferences. If you are a Network Security professional seeking to make an impact in a dynamic field, you will find our company environment to be collaborative, inclusive, and full of growth opportunities. Stepping into this opportunity, you will join the Network Security Operations team within Allstate Information Security (AIS).
The Network Security Operations team provides capabilities associated with network, application, and infrastructure security controls and applies this knowledge to evaluate, test, and rate the effectiveness of these controls within the environment. Individuals in this space review and assess the potential risk of new industry threats, as well as implement and manage technologies capable of averting, detecting, investigating, and/or eliminating those threats. Individuals may liaise with other organizations to help with the collection and management of security data required for legal or investigatory purposes. This position may also identify and analyze business practice irregularities including various information seeking violations and infractions and evaluate potential damages or recommend cost-effective measures to prevent recurrences.
The Network Security Lead Technician will have the ability to lead, learn and support cutting edge technology as well as the ability to work in both an individual and global support environment. This individual will ensure and assist with the proper support and lifecycle of solutions that support information security including firewalls, intrusion detection and prevention systems, proxy servers, and other security solutions. He/she will identify, evaluate, and implement technical security controls to continuously improve the organization's security posture. This individual will also be responsible for continual process improvements in the monitoring of our network security infrastructure, building dashboards, establishing baselines for metrics, and refining performance alerts.
Education and Job Qualifications
- College Degree or equivalent work experience.
- 5+ years' work experience in security or risk management, networking, or related technology-based role.
- Certifications in area of specialty a plus. Examples include: CISSP, CSSLP, CISA, CISM, GIAC certs, CFE, CNP, CEH, etc.
- Experience with ServiceNow ITSM system.
- Thorough understanding of how applications communicate over the network using source and destination IP addresses, ports and protocols.
- Ability to analyze network security requirements and implement perimeter security changes.
- Knowledge of how to configure, support, and troubleshoot Palo Alto firewalls and Squid proxy servers.
- Palo Alto Networks Accredited Configuration Engineer (ACE) certification or equivalent knowledge.
- Palo Alto Networks Certified Network Security Engineer (PCNSE) certification or equivalent knowledge.
- Experience troubleshooting firewalls, proxy and load balancers.
- Experience using network management tools and packet captures to resolve operational issues.
- Solid understanding of routing and switching.
- Basic knowledge of incident management, problem management, and change management best-practices.
- Strong verbal and written communication skills due to the need to communicate extensively with remote team members and vendors.
- A bias toward action, along with an internal drive for continuous improvement.
- Ability to prioritize, execute tasks, and make sound decisions in high pressure situations.
- Strong customer service orientation.
- High degree of self-motivation and self-direction.
- Ability to work in a fast paced, often changing environment, and find your own path in ambiguous situations.
- Proficiency with network monitoring.
- Proficiency with TCP/IP and IPv4; IPv6 desired.
- Linux competency.
- Moderate knowledge of networking fundamentals (TCP/IP, Network layers, Ethernet, ARP, etc.).
- Unix administration and application support in a Unix environment experience required.
- Moderate experience with scripting (PowerShell, Perl, Python, etc.).
- Experience troubleshooting web traffic protocols and decryption.
- Experience with Cisco IOS. Ability to locate a host on the network for incidents or troubleshooting.
- Working knowledge of Splunk to perform queries on logs.
- Manage firewall and network security systems by establishing and enforcing approved policies.
- Serve as a subject matter expert in coordinating and troubleshooting with customers, other infrastructure support activities and business units.
- Develop network documentation of security infrastructure.
- Troubleshoot a variety of products within a multi-vendor environment.
- Monitor network performance and implement performance tuning as necessary.
- Utilize industry best practices for security, disaster recovery, business continuity, change controls.
- Act as First Responder to all Security Infrastructure Incidents. Infrastructure and data.
- Attend Change Management meetings.
- Assist in the deployment of security tools.
- Assist with administering security policies, standards and procedures.
- Palo Alto Firewall Administration - work with outside vendor to ensure firewalls are fully operational.
- Patch and Lifecycle Management - ensure that all security infrastructure tools are at current patch levels.
- Maintain current and relevant knowledge of common network, authentication and security protocols (e.g. SNMP, TLS, SSL, DNS, HTTPS, SMTP, LDAP, Kerberos, RADIUS and FTPS).
- Actively protect information technology assets and infrastructure from external or internal threats and ensure that the company complies with statutory and regulatory requirements regarding information access, security and privacy.
- Assist in incident response for any breaches, intrusions, or theft.
- Monitor systems for any anomalies, proper updating, and patching.
- Monitor vendor websites for potential threat alerts and software upgrades.
- Perform planning, testing, and implementation of software and hardware upgrades.
- Maintain system documentation and configuration data for regulatory and audit purposes.
- Drive efforts to analyze business impact and exposure based on emerging security threats, vulnerabilities, and risks.
- Review, recommend, and approve major changes, and communicate critical changes for supported technologies and processes.
- Document incident resolution and post to appropriate logs/knowledge base for future reference. Respond to incidents/calls, determine severity, and take action within the specified service level for rapid response support.
- Resolve complex incidents and escalate highly complex incidents and problems.
- Collaborate with an international team and ensure smooth transition of operational tasks throughout shifts.
- Partner with other Allstate Business Units to implement Network Security Infrastructure Changes based on the business case.
- Develop, test, and onboard new Standard Operating Procedures and troubleshooting documentation.
- Participate in an on-call rotation.
Akorbi is an industry leader providing both Staffing and Language solutions worldwide.