Senior Network Security Engineer
Systems, Networks and Telecom (SNT)
Summary of the Position
Bentley University is seeking a Senior Network Security Engineer to build and manage the network, anticipating and updating network architecture leveraging next generation tools. This engineer will manage risks, ensure availability, confidentiality, performance and integrity. The role is part of IT – Systems, Networks and Telecom, reporting to the Network Director with a dotted line into the Chief Information Security Officer (CISO).
The role of Senior Network Security Engineer includes key responsibilities such as:
• Technical design of LAN/WAN
• Configuration, troubleshooting, and analysis for Bentley's Network Infrastructure
• Provide leadership and stay current on emerging network technologies
• Lead the development and implementation of new network technologies (i.e. IPv6, SDN etc.)
The individual for this role must be knowledgeable in Cloud Services (SaaS, DRaaS) as well as IoT and can integrate them into Bentley's infrastructure. The University expects a high available network, as such, the Senior Network Security Engineer will monitor all network hardware and assures that the network is running 7 X 24. This position participation in an on-call rotation for second and third shifts.
The Senior Network Security Engineer configures, monitors and manages the University's network and network security systems. This includes: firewalls, VPN appliances, routers, switches, IPS/IDS, and other vulnerability management software. This person will partner with an outside monitoring vSOC firm to conduct daily security log review, maintenance and archival of network security devices. Working with the CISO and outside firms, the engineer will perform internal and external security assessments and test to validate the effectiveness of the controls. Identifying and remediating network vulnerabilities is required.
Troubleshooting and Resolution: The engineer must work to resolve security and network issues by working independently, with team members, with other University departments, and/or with consultants. Independently isolating variables, identifying problems and delivering a concise solution to fix problems is essential. The engineer will coordinate the management of multiple open issues and interface with vendors, other internal functional areas, and/or end users at all levels
• Assist in the development and implementation of overall network security and architectural strategy.
• Provide leadership to junior members of the network team.
• Work well within a team, communicate to senior leadership and translate technical issues into clear and understandable business terms.
• Ability to lead and manage network projects.
• Perform detection and remediation of identified security events. Participate in incident response and forensics as required.
• Configure, monitor and maintain all LAN/WAN equipment including Firewalls, routers, switches, Load Balancers, IPS/IDS, and VPN appliances.
• Configure and Upgrade and/or install new hardware as required.
• Make adjustments, additions or deletions to maintain maximum performance, reliability and security. Maintain and monitor university log management systems.
• Upgrade and fine tune systems as necessary. Monitor and maintain remote user access. This includes: IPSec-VPN and SSL-VPN tunnels for faculty, staff and vendors. This includes adding and removing users in accordance with current policies. Providing up to date reports and keeping access current.
• Strong knowledge in network and security technologies such as Ethernet, VLANs, 802.1q VLAN trunking, firewalls, IPS/IDS, Wireless, protocol analysis, TCP/IP (IPv4), AAA (Authentication, Authorization, Auditing), DHCP, DNS, VPN.
• Familiarity with applicable laws and regulations (i.e. FERPA, HIPPA, PCI, DMCA).
Minimum Qualifications(Education and Experience Requirements)
A Bachelor's degree in Computer Science or related discipline preferred (or equivalent work-related experience) and a minimum of 5-7 years working as a network engineer, with previous senior level experience preferred. Strong knowledge with Juniper L2/L3 switches. Strong overall knowledge in routing and dynamic routing protocols (OSPF, BGP).
Must have experience with Cisco ASA 5500 for IPSec and SSL VPN. Palo Alto firewalls, Cisco ASR series Routers. Preferred Experience with any of the following network security tools: Wireshark, Splunk and Tenable Nessus. A good understanding of Windows AD, VMware, DNS/DHCP. Solid experience in controller based, wireless networks, Aruba preferred.
Preferred Qualifications include experience with networking in the cloud, particularly in the MS Azure environment.
There is a limited amount of physical effort needed. This job requires the ability to lift networking hardware such as switches, firewalls and network servers. The ability to go to remote wiring closets for troubleshooting, etc. is also required. The overall components that make our Network Infrastructure have high-visibility and stringent uptime requirements. There are times where there will be high degrees of stress and pressure.
Posting Detail Information
Open Until Filled
Special Instructions to Applicants
Bentley University requires reference checks and may conduct other pre-employment screening.
Required fields are indicated with an asterisk (*).
- Do you possess a minimum of 5 years working experience as a network engineer?
Documents Needed To Apply
- Cover Letter
Bentley University is an Equal Opportunity Employer, building strength through diversity.