Network Security Engineer/Architect (REMOTE) Description Lume Consulting Group a Sacramento based IT consulting company is looking for a qualified individual to fill the role of a Senior Network Security Engineer/Architect. Qualifications Mandatory Qualifications: A minimum of seven (7) years of network and security engineering and architecture experience, in the following areas:
- Network protocols configuration and troubleshooting – including: Ethernet, Virtual Local Area Network (VLAN), Layer Two Tunneling Protocol (L2TP), Continuous Data Protection (CDP), (Multi-protocol Label Switching (MPLS), Routing Information Protocol Version 2 (RIPv2), Border Gateway Protocol v4(BGP), Internet Protocol v4, Internet Protocol v6, Internet Protocol Security, Secure File Transfer Protocol (SFTP), Transmission Control Protocol(TCP), Transport Layer Security, Network Time Protocol (NTP), Domain Name System (DNS).
- Network hardware and software configuration and troubleshooting – including Cisco, Juniper, Palo Alto, F5, Ciena (routers, switches, firewalls, load balancers).
- VMWare NSX used in the data center context.
- Knowledge of Security Appliances and features – Cisco Adaptive Security Appliance (ASA), Juniper Secure Routing and Switching Firewall (SRX), Palo Alto Firewall, F5.
- Application Security Manager/Web Application Firewall (ASM/WAF), Trend TippingPoint, Distributed Denial of Service (DDoS) technologies and services.
- Knowledge and experience in Virtual Private Network (VPN) Technologies and Deployments – Internet Protocol Security (IPsec), Triple Data Encryption Algorithm, (3DES), Advanced Encryption Standard (AES), Internet Key Exchange (IKE), Dynamic Multipoint Virtual Private Network (DMVPN), AnyConnect, Full Tunnel/Split Tunnel Client Virtual Private Network Solutions, Site to Site VPN Solutions and Software Defined Wide Area Network (SDWAN).
- TippingPoint Intrusion Protection System Expert Certification.
Desirable Qualifications 1) Additional experience of mandatory qualifications with a minimum of five (5) years’ experience. 2) Experience with Amazon Web Services (AWS), and/or Azure networking services. 3) Experience with complex documentation of network designs, network modifications/changes, and troubleshooting process changes. 4) Experience configuring and troubleshooting Intrusion Protection Systems/Intrusion Detection Systems (IPS/IDS). 5) Experience in sniffer packet capture and protocol analysis. 7) Experience in analysis and design of network security alternatives. 8) Experience using Security Information and Event Management (SIEM) tools. 9) Familiarity with security controls as defined in the NIST 800-53 v4 publication. 10) Experience in evaluation, deployment, and management of vendor managed services. #J-18808-Ljbffr
Architect Intrusion Detection System (IDS) SIEM network-security Amazon Web Services (AWS) Intrusion Prevention System (IPS) Azure juniper Cisco