What are the responsibilities and job description for the Network Security Engineer position at Randstad Digital?
Our client is seeking a contract resource to
support modernization of site-to-site IPsec VPN tunnels and firewall access
control policy hardening within the client's environment. This role
will focus on upgrading existing VPN tunnels from IKEv1 to IKEv2 and ensuring cryptographic configurations meet organizational standards. The contractor will also review and refine firewall rules on Cisco Firepower
systems to reduce overly permissive access and align configurations with approved requirements. This work supports improved security and controlled network connectivity across the client and its external
partners.
Responsibilities
- Review approximately 80 existing site-to-site IPsec VPN tunnels
- Upgrade approximately 50 VPN tunnels from IKEv1 to IKEv2
- Ensure VPN configurations align with organizational cryptographic standards
- Update pre-shared keys (PSKs) to meet a minimum 20-character requirement
- Validate VPN tunnel functionality after each change
- Review approximately 10 firewall access control rules on Cisco Firepower
- Modify firewall rules to remove overly permissive or broad subnet access
- Restrict firewall rules to required source/destination networks, ports, and protocols
- Apply principle of least privilege in firewall rule updates
- Perform validation testing after firewall changes to confirm no service disruption
- Coordinate implementation activities with UC Davis campus teams and external partners
- Support execution of approved maintenance window changes
- Provide technical assistance during implementation activities
- Document VPN and firewall changes and validation results
- Coordinate cryptographic parameter and shared secret updates with external partners
- Support scheduling and execution of maintenance window activities
Required Technical Experience
- Experience managing site-to-site IPsec VPNs
- Hands-on experience upgrading VPNs from IKEv1 to IKEv2
- Experience configuring and validating VPN tunnel connectivity
- Knowledge of cryptographic standards and secure key management practices
- Experience managing firewall access control rules
- Experience with Cisco Firepower firewall platforms
- Ability to implement least privilege network access controls
- Experience performing post-change validation and troubleshooting network issues
- Experience coordinating technical changes with internal teams and external partners
- Experience working within structured maintenance window processes
Preferred Qualifications
- Experience in healthcare or higher education IT environments
- Familiarity with large-scale enterprise network environments
- Experience supporting change management processes in production environments
Desired Certifications
- Cisco CCNA Security or CCNP Security (or equivalent experience)
- CompTIA Security or equivalent security certification
- ITIL Foundation (preferred)
location: Rancho Cordova, California
job type: Contract
salary: $70 - 80 per hour
work hours: 8am to 5pm
education: No Degree Required
responsibilities:
Our client is seeking a contract resource to
support modernization of site-to-site IPsec VPN tunnels and firewall access
control policy hardening within the client's environment. This role
will focus on upgrading existing VPN tunnels from IKEv1 to IKEv2 and ensuring cryptographic configurations meet organizational standards. The contractor will also review and refine firewall rules on Cisco Firepower
systems to reduce overly permissive access and align configurations with approved requirements. This work supports improved security and controlled network connectivity across the client and its external
partners.
Responsibilities
- Review approximately 80 existing site-to-site IPsec VPN tunnels
- Upgrade approximately 50 VPN tunnels from IKEv1 to IKEv2
- Ensure VPN configurations align with organizational cryptographic standards
- Update pre-shared keys (PSKs) to meet a minimum 20-character requirement
- Validate VPN tunnel functionality after each change
- Review approximately 10 firewall access control rules on Cisco Firepower
- Modify firewall rules to remove overly permissive or broad subnet access
- Restrict firewall rules to required source/destination networks, ports, and protocols
- Apply principle of least privilege in firewall rule updates
- Perform validation testing after firewall changes to confirm no service disruption
- Coordinate implementation activities with UC Davis campus teams and external partners
- Support execution of approved maintenance window changes
- Provide technical assistance during implementation activities
- Document VPN and firewall changes and validation results
- Coordinate cryptographic parameter and shared secret updates with external partners
- Support scheduling and execution of maintenance window activities
Required Technical Experience
- Experience managing site-to-site IPsec VPNs
- Hands-on experience upgrading VPNs from IKEv1 to IKEv2
- Experience configuring and validating VPN tunnel connectivity
- Knowledge of cryptographic standards and secure key management practices
- Experience managing firewall access control rules
- Experience with Cisco Firepower firewall platforms
- Ability to implement least privilege network access controls
- Experience performing post-change validation and troubleshooting network issues
- Experience coordinating technical changes with internal teams and external partners
- Experience working within structured maintenance window processes
Preferred Qualifications
- Experience in healthcare or higher education IT environments
- Familiarity with large-scale enterprise network environments
- Experience supporting change management processes in production environments
Desired Certifications
- Cisco CCNA Security or CCNP Security (or equivalent experience)
- CompTIA Security or equivalent security certification
- ITIL Foundation (preferred)
qualifications:
Our client is seeking a contract resource to
support modernization of site-to-site IPsec VPN tunnels and firewall access
control policy hardening within the client's environment. This role
will focus on upgrading existing VPN tunnels from IKEv1 to IKEv2 and ensuring cryptographic configurations meet organizational standards. The contractor will also review and refine firewall rules on Cisco Firepower
systems to reduce overly permissive access and align configurations with approved requirements. This work supports improved security and controlled network connectivity across the client and its external
partners.
Responsibilities
- Review approximately 80 existing site-to-site IPsec VPN tunnels
- Upgrade approximately 50 VPN tunnels from IKEv1 to IKEv2
- Ensure VPN configurations align with organizational cryptographic standards
- Update pre-shared keys (PSKs) to meet a minimum 20-character requirement
- Validate VPN tunnel functionality after each change
- Review approximately 10 firewall access control rules on Cisco Firepower
- Modify firewall rules to remove overly permissive or broad subnet access
- Restrict firewall rules to required source/destination networks, ports, and protocols
- Apply principle of least privilege in firewall rule updates
- Perform validation testing after firewall changes to confirm no service disruption
- Coordinate implementation activities with UC Davis campus teams and external partners
- Support execution of approved maintenance window changes
- Provide technical assistance during implementation activities
- Document VPN and firewall changes and validation results
- Coordinate cryptographic parameter and shared secret updates with external partners
- Support scheduling and execution of maintenance window activities
Required Technical Experience
- Experience managing site-to-site IPsec VPNs
- Hands-on experience upgrading VPNs from IKEv1 to IKEv2
- Experience configuring and validating VPN tunnel connectivity
- Knowledge of cryptographic standards and secure key management practices
- Experience managing firewall access control rules
- Experience with Cisco Firepower firewall platforms
- Ability to implement least privilege network access controls
- Experience performing post-change validation and troubleshooting network issues
- Experience coordinating technical changes with internal teams and external partners
- Experience working within structured maintenance window processes
Preferred Qu
Salary : $70