2 Jobs in Pikesville, MD
SORT BY
S
A
Network Security Engineer (Hybrid)
$122k-146k (estimate)
Full Time | IT Outsourcing & Consulting
2 Months Ago
Serigor is Hiring a Network Security Engineer (Hybrid) Near Pikesville, MD
Job Title: Network Security Engineer (Hybrid)
Location: US-MD-Pikesville
Duration: 12 Months
Overviewclient is a leading global provider of digital services working at the intersection of public and private sectors. With broad capabilities across IT managed services, cybersecurity, cloud migration and application development, client provides on-site and remote support to clients within governments, healthcare, financial services, transportation, manufacturing, and other critical infrastructure sectors. client has grown to over 2,100 employees globally and has been continually recognized as a Top Workplace in both regional and national categories.
Responsibilitiesclient is seeking a Network Security Engineer to successfully complete the migration from two (2) pair of Cisco (high availability) ASA firewalls to Cisco Firepower Threat Defense (FTD) image, combining Cisco ASA and Firepower features into one hardware and software inclusive system. In addition, the candidate will perform an assessment of an existing Cisco Identity Services Engine (ISE) deployment.
Duties And ResponsibilitiesTask 1: Collaborate with the Project Manager Senior Network Security Engineer to migrate two Cisco ASA Firewalls to Cisco Firepower Threat Defense Images:
During Configuration Planning, Firewall Rules, Security Zones, Interface Groups, NAT Policies, VPNs, ACLs, Objects, Filters, Policy-based Routing (BPR) Will Be Examined And Discussed For Architectural Decision Making. Knowledge Transfer Around Differences Between ASA And FTD, File Transfer And Management Will Be Explained With The Firewall Migration Tool (FMT) That Can Assist In Pre-migration Reporting And Migrating Workflows. The Candidate Will Provide The Following Tasks
QualificationsEducation and Years of Experience:This position requires a Bachelor’s degree from an accredited college or university with a major in computer science, information systems, engineering, business, or a related scientific or technical discipline. A Master's Degree in one of the above disciplines is equal to one(1) year of specialized and two (2) years of general experience. An additional year of specialized experience may be substituted for the required education.
General Experience
Location: US-MD-Pikesville
Duration: 12 Months
Overviewclient is a leading global provider of digital services working at the intersection of public and private sectors. With broad capabilities across IT managed services, cybersecurity, cloud migration and application development, client provides on-site and remote support to clients within governments, healthcare, financial services, transportation, manufacturing, and other critical infrastructure sectors. client has grown to over 2,100 employees globally and has been continually recognized as a Top Workplace in both regional and national categories.
Responsibilitiesclient is seeking a Network Security Engineer to successfully complete the migration from two (2) pair of Cisco (high availability) ASA firewalls to Cisco Firepower Threat Defense (FTD) image, combining Cisco ASA and Firepower features into one hardware and software inclusive system. In addition, the candidate will perform an assessment of an existing Cisco Identity Services Engine (ISE) deployment.
Duties And ResponsibilitiesTask 1: Collaborate with the Project Manager Senior Network Security Engineer to migrate two Cisco ASA Firewalls to Cisco Firepower Threat Defense Images:
During Configuration Planning, Firewall Rules, Security Zones, Interface Groups, NAT Policies, VPNs, ACLs, Objects, Filters, Policy-based Routing (BPR) Will Be Examined And Discussed For Architectural Decision Making. Knowledge Transfer Around Differences Between ASA And FTD, File Transfer And Management Will Be Explained With The Firewall Migration Tool (FMT) That Can Assist In Pre-migration Reporting And Migrating Workflows. The Candidate Will Provide The Following Tasks
- Client Kick-off call for introductions and set timelines, deliverables, and project expectations.
- Off-site documentation review of existing network documentation and firewall rules for migration.
- Main location (on-site) project planning and assessment to include:
- Engineering review of physical cabling, cross connects and peer connections.
- Verify Layer-3 and Layer-2 ports, SVI and routed ports, IGP, EGB protocols.
- Verify security zones and policies for enforcement.
- Verify VPN Access and Remote connectivity.
- Verify and discuss HA failover and migration path.
- Verify L2 and L3 internal switching design, spanning–tree and VLAN architecture as it relates to firewall VRF handling and routing architecture.
- Verify IP Address management, schema and address allocations for DNS, DHCP, and Gateways.
- Verify firewall software licensing, security certificates and encryption.
- On-site migration plus next day on-site support.
- Configuration Design, Testing Plan and Migration Plan development and documentation will occur after discovering all business requirements and the current state of security architecture. The Vendor will document the findings and prepare the target design and system design for analysis. The following activities will occur during the planning process:
- Off-site Engineering analysis of existing on-site findings and documentation of existing topology detailing protocol stack for HA routing and switching.
- Documentation and policy review of existing firewall and security services (Threat prevention, URL filtering, VPN, etc.)
- Documentation and policy review of existing sub-interface (networks) for internal route filtering using any existing VRF mapping and access control list.
- Documentation and export of existing certificates used for software and client access.
- Documentation of existing firewall access control list denoting each security zone mapping and privilege for access.
- Documentation of new Cisco FirePOWER firewall software upgrade using latest firmware release for General Deployment.
- Document Method of Procedure (MoP) for Client Change Control and Migration.
- Document Disaster Recovery failover testing between sites and measure recovery time objectives (RTOs)
- Provide project execution using the Method of Procedure created in the planning process. During the execution phase, will coordinate non-business hours for the firewall migration that will impact business operations. To minimize downtime and after hour support, will stage the new equipment (rack, stack, power and ping) parallel to existing and begin testing prior to making any intrusive changes.
- Conduct a project close-out meeting with the client. Deliver all final as-built documentation with any planning documents to client for final review and comments. Technical working session will be provided to include training and knowledge transfer.
- Provide an assessment of an existing Cisco Identity Services Engine (ISE). Cisco ISE is currently deployed During this assessment the candidate will review:
- Deployment Topology of ISE Servers
- Deployment Mode
- Best Practices
- Network Architecture
- High Availability
- GA Recommended Code Levels
- Review current Configuration.
- Review Logs
- Review Integration of Infrastructure Devices
- Review Golden Configs
- Review enhanced Authentication.
- Enable TACACS for (3) admin use cases and create up to 3 AAA device templates.
- Provide remediation from the information collected during the Assessment Phase of this project.
- Knowledge Transfer Sessions.
QualificationsEducation and Years of Experience:This position requires a Bachelor’s degree from an accredited college or university with a major in computer science, information systems, engineering, business, or a related scientific or technical discipline. A Master's Degree in one of the above disciplines is equal to one(1) year of specialized and two (2) years of general experience. An additional year of specialized experience may be substituted for the required education.
General Experience
- The proposed candidate must have at least twelve (12) years of computer related experience.
- The proposed candidate must have at least ten (10) years of specialized experience in defining computer security requirements for high-level applications, evaluation of approved security product capabilities, and security management.
- Cisco Identity Service Engine (ISE) Expertise. Experience migrating Cisco ASA Firewall to Cisco Firepower Threat Defense (FTD).
Job Summary
JOB TYPE
Full Time
INDUSTRY
IT Outsourcing & Consulting
SALARY
$122k-146k (estimate)
POST DATE
04/03/2024
EXPIRATION DATE
09/28/2024
WEBSITE
serigor.com
HEADQUARTERS
BALTIMORE, MD
SIZE
50 - 100
FOUNDED
2009
CEO
SWATI SHARMA
REVENUE
<$5M
INDUSTRY
IT Outsourcing & Consulting
Related Companies
Show more
The job skills required for Network Security Engineer (Hybrid) include Cisco, VPN, Planning, Network Security, Computer Science, Access Control, etc. Having related job skills and expertise will give you an advantage when applying to be a Network Security Engineer (Hybrid). That makes you unique and can impact how much salary you can get paid. Below are job openings related to skills required by Network Security Engineer (Hybrid). Select any job title you are interested in and start to search job requirements.
For the skill of Planning
Allied Resources Technical Consultants
Full Time
$118k-153k (estimate)
Just Posted
Show more
The following is the career advancement route for Network Security Engineer (Hybrid) positions, which can be used as a reference in future career path planning. As a Network Security Engineer (Hybrid), it can be promoted into senior positions as a Network Engineering Manager that are expected to handle more key tasks, people in this role will get a higher salary paid than an ordinary Network Security Engineer (Hybrid). You can explore the career advancement for a Network Security Engineer (Hybrid) below and select your interested title to get hiring information.
Similar Jobs
Popular Articles
Top 10 Things to Avoid Putting on a Job Application
Read Article
How to Describe Your Education in a Resume
Read Article
How to Write a Memorable Cover Letter in 5 Ways
Read Article
4 Personal Finance Tips to Make During Job Transition
Read Article
4 Best Camera Setups for Interview
Read Article
Keeping a Job Search Journal: 9 Types of Journaling You Can Do
Read Article
