We are looking for a Network Security Engineer that’s looking to progress into a specialist cyber security role, that is able to liaise with our group cyber security experts but also remain hands on to support our network security controls and network infrastructure and have the following proven technical skills.

Required Skills and Knowledge

Networking

• Cisco Network Switches Layer 2 and 3 (Catalyst 9K) – CCNP Level, Expert Level Preferred

• Routing protocol – OSPF (Catalyst 9K) – CCNP Level, Expert Level Preferred

• Cisco Switch Stacking (Cat 9K Switches 9600, 9300. 9200)

• Virtual Routing and Forwarding – (Catalyst 9600)

• Internetworking Troubleshooting - CCNP Level, Expert Level Preferred

• High Availability and Disaster Recovery - CCNP Level, Expert Level Preferred

Cyber Security

• Cisco Firepower Firewalls (ASA, FTD) - CCNP Level, Expert Level Preferred

• Palo Alto Firewalls – Specialist Level, Architect Level Preferred

• Cisco Layer 2 Port Security

• Network Access Control including Cisco ISE, TACACS etc

• Network Detection and Response

• Network Encryption (Site to Site VPN’s)

• Cisco Secure Client (ASA)

• Network IPS (Trellix)

• Network Zero Day (Trellix NX or similar)

• Host Zero Day (Trellix HX or similar)

• Cyber Security Network Control Incident Investigation with the assistance of group cyber security experts – Tier 1, Tier 2 to 3 preferred, using LogRhythm SIEM a bonus

• Host End Point Protection (Symantec)

• Host IPS

Preferred Skills and Knowledge

• Vulnerability Management (Scanning for Vulnerabilities and classifying the risk, CIS Benchmark Scanning and compliance) – Using Rapid7 a bonus

• Knowledge of Penetration Testing, understanding of the types of testing and their advantages and disadvantages

• Security Zone Design and considerations

• Network and Security Architecture Design and Considerations

• Understanding of Information Security (Confidentiality, Integrity, Availability)

• Understanding of MITRE ATT&CK

• Understanding of NIST

• Understanding ISO 27001

• Understanding of SIEM use cases for key controls etc

• Understanding of Risk Management in Cyber Security

• Understanding of SSL Blind spots, what causes them and how to mitigate

• Understanding of Malware/Ransomware and how to mitigate

• Understanding of Penetration testing concepts

• Understanding of White/Black/Grey Box penetration testing.

• Developing Security policies and procedures

• Conducting audits/risk assessments

• Handling crisis situations during security incidents