Location:Spring, Texas, US
Area of InterestEngineer - Network
Technology InterestCollaboration, Video
The Security Engineer is a highly organized, thorough, security-minded problem solver focused on the protection of the BroadSoft carrier information system assets against compromise and cyber-attacks. The Security Engineer is responsible for planning, implementing and deploying security solutions to ensure the stability and security of BroadSoft's infrastructure for both on-premise data centers and hybrid cloud deployments. The Security Engineer would have extensive knowledge and broad functional experience with IDS/IPS, switching, routing, firewall, VPN and content networking, across a wide range of complex architectures, platforms and mediums. The Security Engineer will help in the secure deployment of network systems and help in the maintenance of non-in-line security systems and the administration of same in a mission-critical, 24/7 environment.
Duties and Responsibilities
- Provide technical expertise in the planning, implementation and design of the security architecture for BroadSoft on-premise data centers and hybrid cloud environments.
- Develop and implement packet capturing and network aggregation technologies (TAPS) such as Ixia, Gigamon, Arista, etc.
- Develop and implement enterprise and cloud authentication technologies such as RSA SecurID, Safenet, SAML, OKTA, and RADIUS based technologies.
- Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/Log Management platforms.
- Develop and implement centralized log aggregation technologies such as Elasticsearch, Hadoop for integration into current analysis tools or SIEM.
- Develop, secure, and maintain strong Identity and Access Management (IAM) policies for on-premise Active Directory deployment and cloud (Google, AWS)
- Develop and implement security modules using the F5 BIG-IP modules such as APM, AFM and ASM to further secure external boundaries (WAN).
- Research and recommend innovative and automated approaches for operational tasks which Provide guidance and instruction to other team members regarding proper operation of all network security systems within the BroadSoft carrier information systems.
- Provide day-to-day administration of the security tools and functions deployed in the BroadSoft carrier information systems.
- Assist in maintaining information systems security documentation. This includes both providing feedback into the update process as well as providing updates to the information security documentation when needed.
- Participate in incident response and contingency planning components of the BroadSoft carrier information systems.
- Provide feedback and suggestions on ways to improve performance and risk posture of the BroadSoft carrier information systems.
- Minimum 3 years of experience in information technology or cyber-security related fields.
- Must possess experience with ITIL, NIST, FedRAMP, FISMA, & ISO 27001 security compliance frameworks and policies.
- Must possess strong understanding of network LAN / WAN concepts like TCP/IP, STP, VLAN, Inter VLAN Routing, NAT, PAT, Access Control Lists (ACL).
- Must possess experience with Security Information and Event Management (SIEM) Must possess experience with configuring and managing network firewalls, load-balancers, and complex network designs.
- Must possess experience with managing and maintaining Active Directory deployments.
- Experience with shell scripting a plus (Java, Perl, Python, PowerShell)
- Experience with F5 load balancers (APM, LTM modules) a plus
- Relevant industry certifications a plus (CISSP, CCSP, CCNP, CCWP, GIAC)
- Knowledge of security vendors and security product capabilities.
- Must possess strong communication skills, both written and oral.