Senior Network Security Engineer
Company: Raymond James Financial
Location: Denver
Posted on: October 18, 2024
Job Description:
Job Description - Senior Network Security Engineer (2402698)This
position will follow our hybrid work model, we expect the selected
candidate to be in office 2-3 days a week at one of the following
Corporate Office locations: St. Petersburg, FL; Southfield, MI;
Denver, COJob Summary:The Senior Network Engineer is responsible
for managing, designing, and improving RJ's enterprise network. He
or she will assist network architects with the design and
implementation of network technologies. This role is responsible
for senior-level network engineering implementation and providing
technical principles guidance to peer engineers, proactively taking
technology project delivery from 0 to 100% with little to no
supervision. General duties include leading the buildout of
solutions and driving innovation for the implementation of new
modern technologies in the enterprise network. Partners with
management and peer engineers to drive infrastructure modernization
projects to completion and provides Tier3 technical support using
extensive expertise to take on work assignments the team is engaged
in. Strong people skills and the ability to balance/prioritize
between multiple tasks and projects are essential. This position
does involve both routing and switching as well as network firewall
implementation projects for both on-prem and cloud
infrastructure.Essential Duties and Responsibilities:Design,
improve and innovate:
- Primary focus is to implement new technologies or changes to
existing technologies as identified and designed by the
architecture team.
- Researches and recommends innovative technologies and
approaches for enterprise infrastructure management, upgrades, or
improvements.
- Utilize and integrate network components such as switches,
routers, firewalls, wireless AP/Controllers, SDN fabric components,
load balancers, NAC servers, and cloud infrastructure network
elements.
- Proactively identify and implement network improvements to
assure the performance, resiliency, and redundancy of the
network.
- Utilizes blueprints to engineer solutions and adhere to
enterprise standards (engineering focused, architecture
supported).
- Take disaster recovery and business continuity plan aspects
into consideration for any new technology implementation or
change.Monitor, document and offer proactive support:
- Provides ad-hoc support for incidents requiring T3 level
resources (engineering/architecture) and knowledge.
- Use Microsoft Visio to produce and maintain documentation with
regards to the implementation of new systems or system
changes.
- Participate in 24x7 on-call rotation for SME T3 support
requirements as needed.
- Maintains service level agreements of departmental metrics, key
performance indicators and adhering to strict project
timelines.
- Maintain/Improve security posture, promptly addressing issues,
vulnerabilities, and security requirements according to regulatory
guidelines (PCIDSS, PII, CIS, NIST).QualificationsKnowledge,
Skills, and Abilities:Required:
- Strong experience in network design, implementation, and
documentation of medium-large scale enterprise networks (10,000+
users).
- Strong experience using Cisco enterprise technologies - CCNP
Enterprise (R&S) knowledge level required.
- 1-2 years of experience in designing, implementing, and
maintaining data center spine-leaf fabrics (Arista/Cisco). Arista
ACE L3 certification required.
- 1-2 years of experience with Cisco DNA Center.
- 1-2 years of experience with SDWAN technologies (Cisco, Palo
Alto ION).
- Experience with Cisco Wireless technologies in a large
enterprise environment (Cisco WLC, FlexConnect, CAPWAP).Desirable:
- Experience with designing, implementing, and maintaining Palo
Alto Centrally managed firewall platforms (NGFW Pan OS, Threat
Prevention, UserID, Global Protect, HA setup, Prisma Access).
- Administering F5 Clusters, Load balancing, SSL decryption
policies, DNS Geolocation (LTM, GTM, APM, ASM/Cloud WAF).
- Remote Access VPN solutions (Global Protect, F5 BIG-IP
Edge).
- Certificate management (Venafi), Cryptographic protocols and
algorithms, certificate PKI.
- Implementing NAC solutions (Forescout/Cisco ISE).
- Experience with Infoblox DNS/IPAM functions.
- Familiarity with cloud computing principles and experience in
designing secure and scalable network solutions for cloud
environments.
- Automation/scripting experience (Python, Ansible).
- Network security protocols, architecture and design principles;
intrusion detection, prevention systems, secure socket layer (SSL)
protocols, virtual private networks (VPNs).
- Network performance optimization, capacity planning and load
balancing.
- Familiarity with the following monitoring platforms: Microsoft
SevOne, SolarWinds, DataDog, Splunk.Education/Previous
Experience:--- Minimum of a Bachelor's degree in Computer Science,
MIS or related degree and three (3) of relevant experience in
assigned area or combination of education, experience, and
training.Licenses/Certifications:--- Required: CCNP Enterprise
(R&S), Arista ACE L3. Desirable: CCIE, PCNSE, JNCIP.---
Security and control certifications preferred (CISSP, CISM, CISA,
CRISC).Travel:10% travelRaymond James Guiding BehaviorsAt Raymond
James, our associates use five guiding behaviors (Develop,
Collaborate, Decide, Deliver, Improve) to deliver on the firm's
core values of client-first, integrity, independence, and a
conservative, long-term view.We expect our associates at all levels
to:
- Grow professionally and inspire others to do the same.
- Work with and through others to achieve desired outcomes.
- Make prompt, pragmatic choices and act with the client in
mind.
- Take ownership and hold themselves and others accountable for
delivering results that matter.
- Contribute to the continuous evolution of the firm.At Raymond
James - as part of our people-first culture, we honor, value, and
respect the uniqueness, experiences, and backgrounds of all of our
Associates. When associates bring their best authentic selves, our
organization, clients, and communities thrive. The Company is an
equal opportunity employer and makes all employment decisions on
the basis of merit and business needs.
#J-18808-Ljbffr
Keywords: Raymond James Financial, Denver , Senior Network Security Engineer, Engineering , Denver, Colorado
Didn't find what you're looking for? Search again!
Loading more jobs...