Network Security Engineer

Network & Security Engineer Operations

Job Description

Position Summary:

Exposure to ISP connection setups like: Fiber, T1, XDSL, technology is essential.

Understanding of Data Centre infrastructure.

• Resolving second level escalations for client infrastructure incidents.
• Maintain, troubleshoot and co-ordinate replacement of faulty hardware.
• Involved in the execution of infrastructure change requests
• Escalation of critical issues/outages to Operations Centre Management.
• Provide detailed feedback to other groups on all incident resolutions, ensuring full details are entered into ticket case notes.
• To provide comprehensive handovers to peers at the end of shift.
• Creative problem-solving to identify root cause analysis or work around following problem management best practices.
• Create or update documentation including network diagrams, procedures, and policies to ensure consistent support of customer environments.
• Provide guidance to adjacent support tiers to assist in resolution of complex network, system and security incidents.
• Review system and network configurations with Service Delivery to ensure successful implementation of services into production.
• Perform incident trend analysis to promote a stable solution within the environment.
• Logging cases to 3rd party vendors requesting assistance on unresolved issues.
• Mentoring the wider team on technologies and customer topologies.
• Equipment procurement - hardware and licenses (all)
• Software license procurement (includes A/V, backup and other licenses)
• Firmware Management, Vulnerability Management, monitoring, and other network configurations for integration into client downstream environment (including integration with firewalls & routers with default policies)pursuant SOPs and quality standards
• Physical installation once at customer site and integration with other equipment along with end-to-end functional delivery
• Provisioning of new firewalls, Cisco routers, Modems including all policies and network configuration to integrate into client environmentpursuant SOPs and quality standards
• Custom firewall policy and configuration implementation (per firewall / router)
• Exposure to SD-WAN technology, Forti-Analyzer, Forti-Manager.
• Firmware upgrades at provisioning time
• zoning, segmentation, virtual domains and other partitioning at Layer 2 and Layer 3
• Provision last mile and other circuits
• Post-installation QA and verification (firewalls)
• End to end integration and testing (logical)
• End to end integration QA and verification
• Logical installations at customer VDC or colocation (in the case of software firewalls, or once placed on-site)
• Integrate VDC with other location endpoints (tunnels etc.)
• Create overall managed services report from all component reports from all teams
• Set up, and test and verify, automated report from Fort analyzer (Monthly)
• Test and Verify automated report from A/V & A/M
• Document changes to client BBIT and upload any changes to Wiki pursuant schedules in contract
• Generate equipment and other license usage, occupancy and other utilization reports relative to contract for billing purposes
• Ticket quality: completeness, correctness, timeliness
• Invoicing & billable updates in the ticketing tool on change requests
• Competency compliance of staff: compliance with latest technical standards within 30 days of standards release
• Network management (LAN + WAN) & troubleshooting
• Zoning, segmentation, virtual domains and other partitioning at Layer 2 and Layer 3.
• VPN configuration management.
• Network configuration MACDs (including public IPs)

Minimum Requirements:

Certifications: Fortinet NSE 4 / CCNA (RS) / CCNA (Security).

Should have hands on experience in managing enterprise level devices (i.e. Fortinet, SonicWALL & Cisco).

Understanding of Security frameworks, standards

A commitment to delivering a superior customer experience through direct interaction with customers during support and change management

• Confident and Professional dealing directly with customers.
• Outgoing team player with the ability to liaise with other team members and take the lead on decision making.
• Positive and Pro Active attitude & ability to work under pressure.
• Supportive and committed team player.
• Experience of using Ticket Management tools.
• Escalations are performed within the SLA timescales.
• Good commutations with customers is required throughout incident lifecycles.
• Engineering and Senior Management are kept abreast of appropriate escalations.
• Analytical skills.
• Have excellent written and verbal communication skills.
• Be organized and be able to work under pressure.
• Detailed working knowledge of a range of networking and security technologies, including:
• SD-WAN
• Dynamic / Policy based routing.
• GRE / IPSEC Tunnels
• Layer 2 / Layer 3 switching.
• HSRP / VRRP / HA setups.
• Fortinet, SonicWALL, Cisco ASA

• Able to demonstrate understanding of key networking concepts, including:
• TCP/IP
• NAT
• Layer 2 and layer 3 switching and routing
• Security solutions such as firewalls, IDS/IPS, VPN, and SSL Certificates
• Documentation: SOPs / Network diagram (Visio).
• In-depth troubleshooting and strong analytical skills.
• Use of packet capturing technologies such as Wireshark
• DNS

Preferred Requirements

• Fortinet NSE 7 Certified
• ITIL accreditation
• CCNP RS / Security
• Knowledge of other network and security services
• DDoS
• Cloud services
• A degree in IT or equivalent proven experience in technical support roles for high-availability Data Centre infrastructures.
• Project management experience

Required Experience:

• Experience (minimum 4+ years) of Fortinet Firewall, Forti-Analyzer, Forti-Manager, Forti-Authenticator, Cisco Routers, Cisco ASA, LAN and WAN technical support.