Duties/Responsibilities:
- We are looking for someone to work on implementation of a new remote access solution as well as facilitate network security BAU backfill duties mostly particularly Netscreen FW, Cisco ASA & Palo Alto FW and Bluecoat proxies but not excluding general firewall rules, web access, SSL remote access, B2B (IPSEC) VPN.
- Other tasks may require participation in configuration, support, upgrade, audit, monitoring of: firewalls, IPS, web proxy/filtering, IPSEC VPN concentrators, SSL remote access, authentication (2FA / AAA) platforms, email filtering and end-point anti-malware platform.
- Perform network-centric security risk assessments for submitted requests.
- Contribute to the cyclical improvement of processes and procedures to assure security enforcement and platform health.
Skills/Qualifications:
- Solid hands-on experience in all main network security platforms: Firewalls, Web filtering, email filtering, network access control and in particular VPN (SSL/IPSEC).
- Strong exposure to 3 or more of the following: Netscreen NSM & ScreenOS, Palo Alto NGFWs, Bluecoat ASG, Cisco ASA, Cisco ISE, Pulse vADC, RSA SecurID, Pulse SSLVPN, Splunk and McAfee ePO will all be valuable.
- Solid understanding in network security principles, disciplines and infrastructure.
- Must have had hands-on configuration and troubleshooting experience on data centre-grade Firewalls and web filtering, IPSEC & SSL VPN products.
- Advantage to have experience in large corporate business environments: encryption protocols, PKI principles, SANS and/or ASD controls, analysis skills, data mining skills.
- Solid working knowledge and experience in network security audit processes and the ability to perform network-centric risk assessments/recommendations.
- A solid understanding of general switching fundamentals (trunking, link aggregation etc) and an understanding of routing principals particularly BGP.