This Posting May No Longer be Available. The End Date For This Job Was 2012-06-16
Date Posted : 2012-05-17

Network Engineer

Job Overview

The Security Specialist will provide subject matter expertise, technical support, and overall administration privileges for Network Security in general and for specific hardware-based and software-based security platforms, ensuring that strict network access and intrusion prevention guidelines and policies are deployed logically onto the network.

Additional Details

This is a major role in that the individual charged with this function must:
• Protect the Network and business operations against directed security attacks.
• Prevent damage from worms and virus to the network.
• Ensure the effective deployment and administration of consistent security policy as directed by Security Architecture and or Network Engineering.

Major Activities:
• Work very closely with the Network Engineering Group and or Security Architecture to ensure seamless, integration of new security guidelines, policies and security systems throughout the Network.
• Provide rigorous testing for new network security and access tools, hardware to ensure a resilient and intrusion proof network.
• Provide technical security implementation leadership within Network Services on firewalls and other intrusion detection systems ensure eliminate network vulnerability.
• Provide administrative support and maintenance on Checkpoint Firewall-1 as required.
• Provide administrative support and maintenance for DNS as required.
• Provide administrative support for Security Reviews, Vulnerability Assessments, Threat and Risk Assessments.
• Provide administrative support for Security Audits, Penetration Testing and Analysis and Intrusion Detection.
• Provide administrative support and maintenance on Bluecoat Proxy servers as required.
• Implementation and Support of Firewalls, PKI, VPN, IDS, Security Policies, Procedures and Handbooks.
• Support the Internet and E-commerce environment to include maintenance of the Firewall (DNS, Proxies and Security).
• Provide administrative support for restricted users’ access to the Internet; and vice versa.
• Responsible for security intrusion / worm attack prevention, determination, and resolution to prevent and minimize impact to the production.
• Responsible for immediate response to events (i.e. attacks) and complex network security and IPSec problems as they occur.
• Accountable for evaluating, implementing complex security-based network hardware and associated software tools-sets as required, on a project-by-project basis, i.e. Complex IMACs.

Physical Demands/Work Conditions:
• Ability to be on-call at any time to immediately respond to a security intrusion incident or worm/virus attack
• Continuous learning within an IT environment

Job Qualifications


Knowledge Work Experience:

• Minimum 7 years experience supporting an extensive multi-vendor network (LAN/WAN/MAN) environment.
• Degree (or equivalent) in a discipline relevant to the demands of the position (i.e. Computer Science).
• Certified CISCO router engineer: CCNA, CCNP, CCDA, CCDP (one or more or combination thereof preferred)
• Specialized Cisco Certification: CCIE-Security, CISSP (preferred)
• Ability to demonstrate a superior insight and skills adeptness on specialized network security technology or policy such as (but not limited to):
1. Access (User-based) Security
2. Distribution Layer Restriction policies on propagation of certain addressing.
3. Core Layer firewalls (Checkpoint, PIX) for perimeter Security
4. Intrusion Detection (IDS)
5. Secure VPN Tunneling
6. Security: Advanced knowledge of VPN-1 and FW-1 (PIX, Checkpoint, Nokia Platforms)
7. Network Security Engineering (Policies, Proxies, Authentication, etc)
8. DNS support knowledge
9. Authentication, Encryption, and General Access (passwords, restrictions, etc…)
• Ability to demonstrate extensive knowledge of security policy, guidelines, platforms
• Demonstrate excellent abilities in the areas of performance diagnostic and analytical skills pertaining to security issues
• Demonstrate excellent organizational, interpersonal, project leadership.
• Excellent written and verbal communication skills coupled with a strong orientation towards customer service.

Experience with the following technologies:
• Cisco AVVID: Cisco CSSs, SANs, Wireless, VoIP, etc
• Remote access: Cisco Systems (Cisco 2509 and 2511 Communication servers); VPN infrastructures (TACACS, Radius, ACE Server); design, deployment, and troubleshooting
• DNS: Maintain DNS zones, maintain DNS zone data: maintain Infoblox platform - ensure correct functionaly of Infoblox platform
- upgrade/patch Infoblox appliances
• Wireless: 802.11x wireless policy and security encryption (including, VPN Tunneling); Cisco Aironet Access Points; and wireless technology in general.
• Analysis tools: Network Associates Sniffer Technologies (DSS RMON Pro; Portable), Netcom Systems, Cisco Systems, Shomiti Systems, LANanalyzer, ZDnet Benchmark Tools, and NetIQ
• Operating Systems: Sun SOLARIS/SunOs, HP-UX, and IBM AIX UNIX workstations

Knowledge Transfer:
• Ability to disseminate knowledge to other Specialist Team members and Command Centre Network Support Team members (pier-level communication and knowledge transfer)
• Ability to interact and collaborate with senior-level engineering and architecture staff members on concepts, planning, and new technical policies and procedures.

Analytic/Systematic Thinking
Building Trust
Conceptual Thinking
Problem Solving & Decision Making
Results Orientation
Service Orientation
Teamwork & Partnering

Education / Experience

Degree (or equivalent) in a discipline relevant to the demands of the position (i.e. Computer Science)
Certified CISCO router engineer: CCNA, CCNP, CCDA, CCDP (one or more or combination thereof preferred).
Specialized Cisco Certification: CCIE-Security, CISSP (preferred)


Must Have:
Experience with PIX/Nokia Checkpoint firewalls - 5 years
Experience working with DNS - 5 years
Experience working with proxy - 5 years

How To Apply

By Email:

Employer Information
Kelly McCormick
This job advertisement has been provided by an employer external to and Canadian Career Services are not responsible for the accuracy, the authenticity and the reliability of the content.