Network Security Engineer - St Paul, United States - Apex Systems

Description

Apex Systems is seeking a Network Security Engineer. This is a contract to hire position with an industrial company.
Need Summary:

• Network modernization project
• Zscaler and Cisco ISE support for future. Will take a priority with experience
• Ansible, Python, programming or automating is all nice to have, not needed
• Zscaler and ISE rollout, early stages
  • Products are being tested and piloted right now
  • This resource will join the pilot support group

Required Skillset:

• Network Security (VPN, Firewall config, rules, requests, etc.)
• Zscaler - Administration for fixes, exceptions, troubleshooting
• Cisco ISE
• CCNA
• Basic routing

Nice-to-have:

• Experience with automation
• Ansible and Python are nice to have

To include, but not limited to the following:

• Performing as a network security engineering Subject Matter Expert (SME) focused on the design, build, and oversight into network security controls.
• Collaborate with Network Engineers and other IT Departments to design and implement functional company networks.
• Assist in defining IT security strategy and engineering of Network-focused Zero Trust architectures and methodologies.
• Providing input and insight in the planning and coordination of updates, enhancements, and expansion of product security environments.
• Mentoring, coaching, and developing less experienced security engineers and partner team engineers.
• Leading the development of enterprise-wide solutions and systems to solve network security challenges with a variety of partners and customers.
• Troubleshoot and remediate network security issues inglobal landscape.
• Conduct security engineering activities such as configuring and maintaining security tools, testing new capabilities, supporting IT engineer counterparts, and identifying security gaps.
• Identifying current and emerging technology issues, including security trends, vulnerabilities, and threats.
• Assist in the establishment of security baselines and standardization, including CIS-CAT asset benchmarking, baseline documentation, and secure configurations.
• Document and map security control infrastructure and capabilities.
• Detect and report any weaknesses in the existing protocols, recommending or implementing modifications and improvements.

Qualifications:

• Bachelors degree in a related field or equivalent combination of education and experience
• 10 years of large, scalable, and resilient Network Security Engineering and Infrastructure support
• 5 years of engineering experience with Cisco Firepower, Palo Alto, SonicWall, and Fortinet
• 3 years of experience with Azure network and security services
• Working understanding of optical and traditional encrypted tunnel systems and protocols (i.e., IPSEC, SSL VPN, Layer 4 SSL)
• Experience with Cisco ASA and Zoned based firewalls
• Experience with Zscaler and Cisco ISE
• Working knowledge of PCI, and GDPR
• Thorough understanding of rules, policies, ports, blocks, and VPN technologies
• Strong interpersonal skills for multi-functional and cross-organizational team engagement
• Experience working with Network Incident Security response methods, techniques, and legal requirements for the collection and preservation of artifacts
• Proficient in MS Office; Outlook, Word, Excel, Teams, and Visio
• Excellent organizational skills and analytic, problem-solving skills

Preferred Qualifications:

• Industry certifications preferred include CISSP, CCSP, CompTIA Security+, and/or SSCP
• Cisco CyberOps Professional, CCNP Security
• NIST / Zero Trust Network Architecture (ZTNA) design and architecture development experience
• SolarWinds, Thousand Eyes, Cisco DNA Center, Rapid7, and other Network Security and Monitoring platform experience
• Secure Access Service Edge (SASE) platforms experience
• Development experience in Python or other scripting languages
• Development experience with automation tools such as Ansible, etc.
• A thorough understanding of routing protocol: BGP, OSPF, EIGRP
• Cisco Networking experience
• Experience with SD-WAN - Cisco Viptela
• Network Access Control (NAC) and 802.1X PEAP experience
• Background in intrusion detection, security investigations, and incident response
• Broad knowledge across the Security domain, as well as deep focus in one (or more) areas such as Logs and events processing, Incident Management, and Detection and/or Response tool development

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at [email protected] or

Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico.