| |
Posted: 12/17/2009
Job Type: Infrastructure & Operations
Location: Greensboro, NC
This Financial Services industry leader is healthy and once again expanding their investment in I.T. Presently they have a need for an additional NEtwork Security Architect to provide DMZ Network Security Architecture design and administration. This includes; administration and troubleshooting infrastructure architecture design including: Firewalls, VPN, Radius, F5 GTM, and App Firewalls.
Since they support 95% to 99% of their Internet exposed systems within owned and managed DMZ zones, this positions purpose is to protect and enhance the security, performance, and availability of the those zones. Specifically you'll be responsible for:
- Identifiy and implement DMZ network and security infrastructure architecture
enhancements that will improve the security, reliability and performance of all Internet
exposed systems (web systems, mail, Citrix, Client to Site VPN, Site to Site VPN.
- Provide project, change management and documentation.
- Demonstrates the ability to multi-task and effectively switch between project
management and daily systems support requests.
- Strong ability to troubleshoot issues associated with Firewalls, VPN (Cisco, Citrix
Access Gateway), Network related issues, Radius, F5 GTM, and App Firewalls.
- Designs, prepares, documents and participates in disaster recovery planning and testing
of DMZ network and Security Infrastructure.
- Manage and implement complex DMZ infrastructure deployments, providing work-
thread level leadership for more junior staff. Perform analysis and design activities
related to the enhancement of DMZ infrastructure that will improve the reliability,
performance, and security of the environment.
- Provide technical project leadership experience.
ALL CANDIDATES SHOULD POSSESS THE FOLLOWING:
- 5+ years of Networking experience or equivalent Certification
- 3+ years Nokia IPSO and Voyager experience
- Detailed Knowledge of TCP, UDP, IPSec and SSL protocols
- Checkpoint CCNA / CCSE Certifications
- Checkpoint CCSE Certification
- Understanding of Security and Control mechanisms, services, control points
- 3+ years of ASA, PIX, or other firewall architectures
- Detailed knowledge of HA Checkpoint protocols (VRRP/Cluster XL) and architectures
- Understanding and ability to implement Checkpoint Secure Internal Communication
(SIC) between Firewall Objects
- Understanding and ability to draw logical and physical firewall topologies
- Understanding of X509v3 Certificate Authorities
SIGNIFICANT PLUSSES!
- Information Security or Internal Audit Experience
- Linux System Administration experience
- System/application troubleshooting experience on Linux or Nokia
- Understanding of n-tiered application flows and SOA concepts
- Detailed Knowledge of Dynamic NAT, Static NAT, Policy Based NAT
- Network Packet Analysis Experience with Wireshark/Ethereal Utilities
- Packet Capture Experience with TCPDUMP, SNOOP, and FW Monitor Utilities
- Enterprise Systems/Solutions Architecture design and implementation experience
- Knowledge of RADIUS and LDAP Authentication Protocol and Services
- Working knowledge of switching/router concepts (ARP/CAM Entries, Routing
protocols (BGP, OSPF, EIGRP)
- Knowledge of Encryption & Hashing protocols and algorithms
- Experience with F5 Big IP load balancing and SNAT issues and implications with
security
Submit your resume for this opportunity
|
 Candidate Policy Statement
Candidate Resources
Like most IT departments in the area, we have a list of recruiting
agencies from which to choose. We do business with Martineau
Recruiting because they provide us with high quality candidates
that greatly reduce the amount of time we spend interviewing.
Their knowledge of the talent pool in the local area is
invaluable when trying to minimize expense and reduce time.
Director of Corporate Applications Development
RF Micro Devices
|
|
