Lead Network Engineer
BBH Solutions is presently seeking a security-minded Lead Network Engineer to join our team. The primary responsibilities in this role include preforming project-based engineering, design, installation and troubleshooting of network and security solutions. as well as functioning as a technical lead on complex projects in conjunction with our team of engineers.
- Security/Firewall, LAN and WAN routing and switching design
- Configuration and deployment in complex small to large environments including Internet Edge architectures.
- Assessment, design and implementation of network and security products/solutions.
- Developing comprehensive graphical and text-based design documentation and effectively managing the implementation process from design to customer acceptance.
- Assume technical leadership on complex projects.
- Troubleshoot issues as necessary.
- Act as a focal point for client security problem resolution, lead design workshops and support pre-sales activity for complex security and network solutions when needed.
- We seek a Bachelor’s Degree or equivalent experience and/or military experience along with a minimum of 7 years related experience providing project deliverables in a VAR/MSP environment.
- Possess an Active Cisco® CCNP/CCIE certificate or equivalent experience.
- We seek experience with security focused network solutions that align with customer’s compliance requirements and industry standards like PCI, HIPAA, ISO 27001, NIST, CSF, ITIL, COBIT, Sarbanes Oxley, ISO, SANS 20, etc.
- Working knowledge of host/network common vulnerabilities and exploits (CVEs, IAVAs, • etc.), hacker methodologies and tactics, and the tools used.
- Previous experience successfully positioning professional services, managed services & SaaS solutions to fulfill needs regarding risk management, risk assessments, compliance assessment/remediation, information security architectures is desired
- Must be responsive, efficient, have excellent customer interaction, and exhibit a high level of professionalism.
- Responsible and reliable, capable of working alone as well as part of a team.
- Good organization and time management skills with proven ability to manage multiple priorities.
- Good written and verbal communication skills.
- Must have critical thinking and problem-solving ability.
- Be flexible and adaptable to change and hours of work, to meet the needs of the customer.
- Be a motivated team player.
- Experience working in professional corporate office environment
Required Experience / Capabilities:
Potential candidates will possess experience and demonstrated expertise in at least one or more of the following areas:
- Cisco Network Security design, configuration, and tuning of security appliances
- Excellent understanding of VPN (site to site, remote access client, IPSec, IKE, tunnel modes, SSL/clientless/AnyConnect, Tunnels between Firewalls, Routers)
- ASA Firewalls and FWSMs (NAT, ACL configuration, IPSec and SSL VPN, configuration of IPS, CX, BotNet modules; CSM and Next-Gen features ,HA configurations, multi-context, transparent mode)
- Palo Alto and Fortinet Firewalls
- IPS appliances and in-line modules, building and tuning of alerts
- SourceFire / FireSight / AMP
- Network Access Control (NAC) / Cisco Identity Services Engine (ISE) integration with wired data, wireless infrastructure & VPN as well as posture, client provisioning, SGT/AGACL’s
- Content Security (Cisco/Ironport ESA/WSA, WebSense, etc.)
- Security Testing and Audit Platforms (Nessus, NMAP, etc.)
- SIEM Platforms (Splunk, McAfee Nitro, LogRythm, etc.)
- Working knowledge of common OS and domain structures (Red Hat Linux, Oracle/Sun, Windows, Active Directory, etc.), servers, services, and associated vulnerabilities.
- Experience with Windows, Linux, Red Hat, etc. hosts, operating systems and applications.