Network Security Engineer [Onsite]

New York City, NY - USA

Monthly Salary: Not Disclosed

Posted on: 4 hours ago

Vacancies: 1 Vacancy

Job Summary

Title: Network Security Engineer

Location: Full Onsite in either or both Midtown or/and Downtown office

Work Hours: 9AM - 5PM (7 hours per day with 1 hour unpaid break / 35 hrs/week) Possible overtime weekend and oncalls

Visa: USC GC GC-EAD H4-EAD

-Overtime & weekend/holiday: 1.5 times

-Holiday will be based on bank holiday

Term: 3-6 month contract with renewals (Long Term).

Description

Hands-on Palo Alto design&Architecture configuration deploy&management experience

Strong Network Security Framework knowledge & experience

Strong Cisco ACI Palo Alto Firewall Fortinet (Replacing Cisco ASA)

Microsoft Defender Zscaler Carbon Black

Network: Replacing Switches Vulnerability VLAN OSPF/BGP

Network Security: Firewall (Palo Alto/Fortinet) - Rules Upgrades VPN Logs DLP and SOC

Some physical work at datacenter

Duties

Develop and enforce comprehensive network security strategies aligned with industry standards such as NIST and ISO 27000 to protect organizational assets.

Configure and manage network security devices including Cisco ASA firewalls Cisco ISE for identity management IDS/IPS systems for threat detection and VPN solutions for secure remote access.

Conduct vulnerability assessments and penetration testing to identify potential weaknesses within LAN WAN SAN and cloud infrastructure environments like AWS and Google Cloud Platform.

Monitor network traffic using SIEM tools such as Splunk or SolarWinds to detect suspicious activities perform log analysis and initiate incident response procedures promptly.

Implement system hardening techniques on operating systems including Linux (Debian CentOS Ubuntu) Windows macOS and UNIX variants to minimize attack surfaces.

Manage encryption protocols such as IPsec SSL/TLS PKI (Public Key Infrastructure) and FIPS standards to secure data in transit and at rest across diverse platforms.

Lead incident recovery efforts by executing disaster recovery plans system security plans and threat detection & response strategies in accordance with FISMA and FedRAMP compliance requirements.

Skills

Extensive knowledge of computer networking concepts including LAN/WAN architecture routing protocols (OSPF BGP) TCP/IP stack DHCP/DNS services and network protocols.

Hands-on experience with firewall management (Cisco ASA) network support tools (SolarWinds PRTG) load balancing solutions and high availability configurations.

Proficiency in scripting languages such as Python or Bash for automation of security tasks and system administration activities.

Strong understanding of vulnerability management frameworks like DREAD or CVSS; experience with vulnerability research and assessment tools.

Familiarity with cloud computing platforms (AWS Azure) including cloud architecture design principles for secure deployment.

Knowledge of identity & access management (IAM) RBAC policies SSO integrations (Active Directory) LDAP directories GPOs and open-source tools like Ansible or Terraform for infrastructure automation.

Ability to analyze network traffic using tools like Fiddler or Wireshark; conduct computer forensics; implement system security hardening measures; perform threat intelligence analysis.

Understanding of compliance standards such as PCI DSS for payment systems; experience with incident management frameworks like ITIL; adherence to SDLC processes for secure software deployment. Join us to be at the forefront of cybersecurity innovation! Your expertise will help shape resilient defenses against evolving cyber threats while advancing your career in a collaborative environment committed to excellence in information security.

Job Type: Contract

Education:

Bachelors (Preferred)

Experience:

Network Security: 5 years (Preferred)

Zscaler: 3 years (Preferred)

Carbon Black: 3 years (Preferred)

Palo Alto Firewalls: 5 years (Preferred)

FortiGate: 5 years (Preferred)

Ability to Commute:

New York NY 10020 (Required)

Work Location: In person

Title: Network Security Engineer Location: Full Onsite in either or both Midtown or/and Downtown office Work Hours: 9AM - 5PM (7 hours per day with 1 hour unpaid break / 35 hrs/week) Possible overtime weekend and oncalls Visa: USC GC GC-EAD H4-EAD -Overtime & weekend/holiday: 1.5 times -Holiday ...