Job Description

Role: L2 Engineer - Network Security Engineer
This position is responsible for day-to-day administration of network firewalls, Routers, Switches, Load balancers (LLB+SLB) and proxy systems designed to protect networks and systems from malicious/unauthorized network access or misuse.
He/she ensures all the Business-Critical Systems are monitored, identify possible escalations and notify/seek assistance from track lead. Follow all the process and procedures defined for maintaining the environment.
He/she should possess strong technical and subject matter expertise in at least five or more of the following security specialties:
Firewalls: Palo Alto, Fortinet, Checkpoint, Juniper, Cisco
VPN - IPSEC, SSL VPN: Fortinet, Cisco, Palo Alto, Checkpoint, Juniper
IPS: Cisco, Palo Alto, Fortigate, Juniper
Unified Thread Management (UTM)
AAA services: ACS, Radius, RSA
Load Balancers: Radware, F5
Switches: Cisco, Juniper, HPE, Mellanox
Routers: Cisco, Juniper, HPE
Wireless: Cisco, HPE
Core Accountabilities:
Good Understanding on enterprise level Security based infrastructure systems planning, operations and maintenance, and management across multiple sites across the Globe.
Ability to handle escalation calls and resolve issues as per priority.

• Good understanding on Firewall (at least any three expert level ASA/Check Point/Palo Alto/FortiGate/Juniper etc.) and experience in handling security concepts (Rule ADD/ Modify Delete, NAT, Faulty Firewall replacement, High Availability setup, packet capture, log analysis etc.) using CMD line and CSM/GUI/Smart console etc.

• Good knowledge on Load Balancers monitoring and troubleshooting, firmware upgrade, SSL offloading, Link Load Balancing Monitors, SLB's, Service Weights & Service Groups.

• Troubleshoot and fix high priority issues related to Firewalls, Load balancers, IPS/IDS, Proxy, Switching, Routing. EDR feature knowledge and troubleshooting is added advantage.

• Work with the HW Vendors/TAC for the SW/HW related issues and provide the required fix.

• Troubleshoot Site to Site VPN (IPSEC/ GETVPN/ GRE/MGRE), Proxy related issue (In-house/Cloud Hosting) & End user remote access VPN issues.

• Involve in change management process for HW replacement/ IOS upgrade/ Config change/ BW upgrade/ Whitelisting or Blacklist URLs & FW Rule addition etc.

• Knowledge and experience in Incident, Change, Problem, Service request and Configuration Management Processes (ITIL certification is an added advantage).

• Monitor the queue and maintain regular updates on the Tickets as per agreed SLAs, providing the detailed closure summary on the tickets. Detailed Root cause summary to be documented for the Problem tickets. Document Pre & Post implementation logs & Script for change. Network Diagram Design, Documentation and updates.

• Working on the assigned tickets within the agreed Timeline/SLA as per the Ticket Priority/Severity and Adhere to the ITIL process with zero noncompliance.

• Upskilling current technical knowledge by learning new Technologies on the job and obtaining relevant technical certifications.

Behavioral & Leadership Competencies

• Strong communication skills (written, verbal), problem-solving skills and interpersonal skills

• Client service-oriented and solution-oriented, ability to handle expectations from the Clients perspective

• Able to communicate effectively with clients

• Able to communicate fluently in English

Leadership Attributes

• Honesty and Integrity

• Commitment and Passion

• Good Communicator

• Decision Making Capabilities

• Accountability

• Delegation and Empowerment

• Creativity and Innovation.

Qualifications: -

• BSc / BCA / BE / MCA / MSc or equivalent

Technical Certifications:

• Checkpoint Certified Security Administrator / Expert

• Check Point Certified Maestro Expert will be an advantage.

• Fortinet NSE certified

• ANSSI certified

• Palo Alto Networks Cybersecurity Professional Certified

• Juniper JNCIA, JNCIA-SEC

• Cisco CCNP, CCIE

• HPE AIS, ASE, ACSX, ACSP, DC Professional, Architect, Security

Experience & Technical Competencies:

• Min 5 years of industry experience as a Network Security engineer on Design, Implementation and troubleshooting multivendor network devices

• Network Security (multi-vendor) experience - Cloud security (Native security controls in AWS / Azure / GCP) & security tool implementation in cloud platform will be an added advantage

Skills Required