DenverRecruiter Since 2001
the smart solution for Denver jobs

Senior Network Security Engineer

Company: Raymond James Financial
Location: Denver
Posted on: October 18, 2024

Job Description:

Job Description - Senior Network Security Engineer (2402698)This position will follow our hybrid work model, we expect the selected candidate to be in office 2-3 days a week at one of the following Corporate Office locations: St. Petersburg, FL; Southfield, MI; Denver, COJob Summary:The Senior Network Engineer is responsible for managing, designing, and improving RJ's enterprise network. He or she will assist network architects with the design and implementation of network technologies. This role is responsible for senior-level network engineering implementation and providing technical principles guidance to peer engineers, proactively taking technology project delivery from 0 to 100% with little to no supervision. General duties include leading the buildout of solutions and driving innovation for the implementation of new modern technologies in the enterprise network. Partners with management and peer engineers to drive infrastructure modernization projects to completion and provides Tier3 technical support using extensive expertise to take on work assignments the team is engaged in. Strong people skills and the ability to balance/prioritize between multiple tasks and projects are essential. This position does involve both routing and switching as well as network firewall implementation projects for both on-prem and cloud infrastructure.Essential Duties and Responsibilities:Design, improve and innovate:

  • Primary focus is to implement new technologies or changes to existing technologies as identified and designed by the architecture team.
  • Researches and recommends innovative technologies and approaches for enterprise infrastructure management, upgrades, or improvements.
  • Utilize and integrate network components such as switches, routers, firewalls, wireless AP/Controllers, SDN fabric components, load balancers, NAC servers, and cloud infrastructure network elements.
  • Proactively identify and implement network improvements to assure the performance, resiliency, and redundancy of the network.
  • Utilizes blueprints to engineer solutions and adhere to enterprise standards (engineering focused, architecture supported).
  • Take disaster recovery and business continuity plan aspects into consideration for any new technology implementation or change.Monitor, document and offer proactive support:
    • Provides ad-hoc support for incidents requiring T3 level resources (engineering/architecture) and knowledge.
    • Use Microsoft Visio to produce and maintain documentation with regards to the implementation of new systems or system changes.
    • Participate in 24x7 on-call rotation for SME T3 support requirements as needed.
    • Maintains service level agreements of departmental metrics, key performance indicators and adhering to strict project timelines.
    • Maintain/Improve security posture, promptly addressing issues, vulnerabilities, and security requirements according to regulatory guidelines (PCIDSS, PII, CIS, NIST).QualificationsKnowledge, Skills, and Abilities:Required:
      • Strong experience in network design, implementation, and documentation of medium-large scale enterprise networks (10,000+ users).
      • Strong experience using Cisco enterprise technologies - CCNP Enterprise (R&S) knowledge level required.
      • 1-2 years of experience in designing, implementing, and maintaining data center spine-leaf fabrics (Arista/Cisco). Arista ACE L3 certification required.
      • 1-2 years of experience with Cisco DNA Center.
      • 1-2 years of experience with SDWAN technologies (Cisco, Palo Alto ION).
      • Experience with Cisco Wireless technologies in a large enterprise environment (Cisco WLC, FlexConnect, CAPWAP).Desirable:
        • Experience with designing, implementing, and maintaining Palo Alto Centrally managed firewall platforms (NGFW Pan OS, Threat Prevention, UserID, Global Protect, HA setup, Prisma Access).
        • Administering F5 Clusters, Load balancing, SSL decryption policies, DNS Geolocation (LTM, GTM, APM, ASM/Cloud WAF).
        • Remote Access VPN solutions (Global Protect, F5 BIG-IP Edge).
        • Certificate management (Venafi), Cryptographic protocols and algorithms, certificate PKI.
        • Implementing NAC solutions (Forescout/Cisco ISE).
        • Experience with Infoblox DNS/IPAM functions.
        • Familiarity with cloud computing principles and experience in designing secure and scalable network solutions for cloud environments.
        • Automation/scripting experience (Python, Ansible).
        • Network security protocols, architecture and design principles; intrusion detection, prevention systems, secure socket layer (SSL) protocols, virtual private networks (VPNs).
        • Network performance optimization, capacity planning and load balancing.
        • Familiarity with the following monitoring platforms: Microsoft SevOne, SolarWinds, DataDog, Splunk.Education/Previous Experience:--- Minimum of a Bachelor's degree in Computer Science, MIS or related degree and three (3) of relevant experience in assigned area or combination of education, experience, and training.Licenses/Certifications:--- Required: CCNP Enterprise (R&S), Arista ACE L3. Desirable: CCIE, PCNSE, JNCIP.--- Security and control certifications preferred (CISSP, CISM, CISA, CRISC).Travel:10% travelRaymond James Guiding BehaviorsAt Raymond James, our associates use five guiding behaviors (Develop, Collaborate, Decide, Deliver, Improve) to deliver on the firm's core values of client-first, integrity, independence, and a conservative, long-term view.We expect our associates at all levels to:
          • Grow professionally and inspire others to do the same.
          • Work with and through others to achieve desired outcomes.
          • Make prompt, pragmatic choices and act with the client in mind.
          • Take ownership and hold themselves and others accountable for delivering results that matter.
          • Contribute to the continuous evolution of the firm.At Raymond James - as part of our people-first culture, we honor, value, and respect the uniqueness, experiences, and backgrounds of all of our Associates. When associates bring their best authentic selves, our organization, clients, and communities thrive. The Company is an equal opportunity employer and makes all employment decisions on the basis of merit and business needs.
            #J-18808-Ljbffr

Keywords: Raymond James Financial, Denver , Senior Network Security Engineer, Engineering , Denver, Colorado

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Log In or Create An Account

Get the latest Colorado jobs by following @recnetCO on Twitter!

Denver RSS job feeds