Network Security Engineer
Network Security Engineer
University of San Francisco
This position participates in managing the data network and security devices at the University of San Francisco. This position reports to the ITS Network Manager.
Network Engineering (50%)
• Installs, configures and programs Cisco and Huawei Enterprise Routers, Switches, WLCs, WAPs, DHCP and integrated network devices into existing infrastructure.
• Provides in-depth, detailed design, implementation and support of LAN/WAN network architecture, including all related network hardware and software. Implements new designs and performs modifications to existing infrastructure.
• Independently and using his or her own judgement, responds to escalations, project tasks, and alerts from monitoring systems and ITS Help Desk tickets issued to the ITS Network Team. Provides resolution information and works with other teams to complete impact analysis where appropriate.
• Performs complex network trouble-shooting tasks utilizing high level network trouble-shooting tools such as WireShark, TCP Dump, NMAP, AirMagnet, etc.
• Makes recommendations for new system, service or software purchases required to support USF’s organizational goals.
• Implement firewall security policy management, Network Address Translation (NAT), and Port Address Translation (PAT).
• Train, guide, and advise other staff on the appropriate course of action during the identification and troubleshooting of complex LAN/WAN technical issues to minimize network down-time.
• Utilize ServiceNow application to document and track project and tasks as assigned.
• Participate in 24×7 on-call support rotation (average 1 week per month).
• Performs other tasks as assigned.
Network Security (50%)
• Installation, maintenance, configuration, troubleshooting, and analysis of security infrastructure equipment including PAN Firewalls, Cisco firewalls, VPN, Radius servers and IDS.
• Provide maintenance and support for PCI environment.
Research, develop, and recommend planning & implementation of information security systems and services.
• Recommend institutional security policies and standards based on best practices.
Incident response, handling, and reporting.
Coordinate security designs and projects with other departments.
• Periodic vulnerability scanning of networked devices and systems.
• Review and analyze IDS, firewall, NAC, and system logs.
• Gather statistical information, analyze, and create trending reports.
• Three (3) years or more in network security and maintaining and troubleshooting Cisco production data networks.
• Knowledge of Ethernet 802.3 switching, 802.1d/q/p/x, 802.11; TCP/IP, OSPF, BGP
• Knowledge of network security concepts and tools, ACL, firewall, VPN, IDS, vulnerability scanning, encryption, virus/worm detection and prevention.
• Equivalent experience that includes, seven (7) years of network engineering experience, which includes:
o Four (4) or more years’ experience designing networks and working with routing protocols in a multi-area distributed environment utilizing Cisco technologies including high-end routing, Ethernet switching, 802.1d/q/p/x, 802.11; TCP/IP, OSPF
o Three (3) or more years’ experience configuration and implementation network firewall and security systems, preferably.
o Three (3) years or more in security and maintaining and troubleshooting Cisco production data networks.
• Strong hands-on technical background with at least 7 years in a 24/7/365 operational role.
• Work independently and manage time effectively to meet deadlines and expectations.
• Highly effective interpersonal communication skills, both verbal and written.
• Demonstrated ability to effectively work in a team environment and promote cohesion and pride with the team.
• Sharp problem solving, communication and analytical skills.
• Pay close attention to details and be able to perform multiple tasks simultaneously.
• Work as part of a team with other engineers and managers, as well as fellow employees who do not have a background in computer science or technology.
• Communication Proficiency - Ability to describe technical information in easy-to-understand terms.
• Enthusiastic and Results Driven.
• Excellent Judgment.
Additional Knowledge, Skills, and Abilities:
• Bachelor’s degree in a subject area related to computer science or engineering field. Experience can substitute for field of study. (5 to 7 years’ experience in areas above if no Bachelor’s degree)
• Certifications from Cisco and Palo Alto Networks are highly desired
For information on how to apply, please visit the following link: www.usfjobs.com
The University of San Francisco is an equal opportunity institution of higher education. As a matter of policy, the University does not discriminate in employment, educational services and academic programs on the basis of an individual’s race, color, religion, religious creed, ancestry, national origin, age (except minors), sex, gender identity, sexual orientation, marital status, medical condition (cancer-related and genetic-related) and disability, and the other bases prohibited by law. The University reasonably accommodates qualified individuals with disabilities under the law.