L3 Technologies is a recognized global leader in the design, development and production of secure communication systems and products supporting mission-critical space, ground, air and naval operations. L3 CS-East is where employees have the opportunity to make a significant impact on our business and the world around us while thriving in an environment that continually fosters growth and career development. We are committed to providing best-in-class solutions to our customers with the highest level of integrity, excellence and uncompromised quality in everything we do. L3 offers a flexible working environment where contributions are recognized and rewarded.We are looking for multiple Network Security Engineers with strong experience in firewalls, virtual private networks (VPNs) and network architecture for a team tasked with designing and managing corporate firewall and security solutions for a 40,000+ user global environment. Various experience levels will be considered, from mid-level to senior. The ideal candidates will be self-motivated, articulate, and intimately familiar with security industry standards and best practices. This team is currently tasked with rearchitecting the currently existing multi-vendor, segregated and decentralized environment (150+ firewalls/VPNs) into a completely new centrally managed, unified enterprise architecture. These positions offer a unique opportunity to join an industry leading team with an unparalleled focus on security. This position may be located in our Camden, NJ or Salt Lake City, UT offices.
Specific Responsibilities Include:
- Design holistic network perimeter security solutions focused on principles of restrictive ingress and egress, least privilege and standardization.
- Build, configure and administer firewall and VPN solutions focused on layer 3-7 security, including all aspects of end-to-end system ownership (operating system configuration, rule base creation and modification, system upgrades and patching, etc.)
- Analysis of existing network environments, including data gathering, points of network traffic ingress and egress, security controls currently in place, understanding network traffic flows, business requirements, etc.
- Network diagraming and documentation.
- Advanced network-based troubleshooting utilizing firewall/VPN logs, packet capture tools, etc.
- Review of existing and proposed network security solutions for compliance to industry best practices and company policy.
- Consult with other internal and external teams as a network security subject matter expert.
- Cross train (both as trainee and trainer) and collaborate with internal and external team members to promote knowledge sharing and education of best practices.
- Advocate for and enforce security principles, compliance and best practices with individuals and teams throughout the company.
- Provide quality, operations-focused technical service to internal and external customers of varying skill sets and professional levels.
*LI-AB2QualificationsRequired Technical Knowledge:
- Industry standard firewall, VPN and remote access solutions (layers 3-7), such as Check Point, Palo Alto, Cisco ASA, SonicWall, etc. Experience with white-box solutions such as AT&T; FlexWare a plus.
- Security industry best practices, including restrictive ingress and egress and the least privilege model, including a strong understanding of security zones, DMZs and 3-tier architecture
- Understanding of IPSEC, GRE and other layer 3 encryption protocols
- Strong understanding of network routing and switching (BGP, OSPF, HSRP, VRRP etc), 802.1q trunks, etc.
- Network diagraming and documentation using Microsoft Visio
- Advanced network troubleshooting, packet capturing (tcpdump, Wireshark, etc.)
- Thorough understanding of network packets and the OSI model, dynamic routing protocols IP subnetting/CIDR notation
Preferred Technical Knowledge:
- Automation and scripting
- Experience with logging and monitoring tools (SolarWinds, Splunk, ArcSight, Nagios)
- Intrusion detection and prevention products and tools, standard attack mechanisms and mitigations
- Experience with threat vulnerability assessment tools
- Security certifications such CISSP or GIAC a plus
Additional skills that are a plus:
- Ability to embrace “out of the box thinking” and future technologies to creatively conceive, design and build technologies and solutions that did not previously exist
- Strong project management skills are greatly preferred
- Strong customer service skills required
Minimum Experience, Education, and Qualifications:
- 4+ years combined experience in information security and network architecture
- Bachelor’s Degree in Computer Science, Information Systems or equivalent experience .
- Ability to learn new skills and technologies as required.
- Strong troubleshooting skills in complex network, system, and/or security problems.
- Excellent verbal and written communication skills.
- Highly disciplined and motivated, able to work independently, under direction, or as a member of a team.
- Must be willing to periodically work non-standard hours and be on call.
- Must be able to attain and maintain a Secret Security Clearance.
- U.S. Citizenship required.