As a CyberSecurity Principal Engineer, you will join a dedicated, professional team responsible for network security in the Comcast network. The principal will be responsible for the configuration, deployment and support of network security and engineering systems including:Private/Public Cloud (AWS/Azure/GCP) F5 ASM/AFM firewalls, VPN’s, A10-F5/SSLi/o, Proxy solutions and supporting Orchestration Firewall tools for handling secure connectivity.
The individual in this role will perform sophisticated security systems configurations, upgrades and troubleshooting, as well design network engineering solutions for security tools (i.e., firewalls, routers, Intrusion Detection/Prevention Systems, and rule automation). During a critical security connectivity event, this position will be authorized to make customized changes to the various network security tools or system configurations to minimize the immediate impact to the business.
- 11+ years of hands-on security and IP routing/switching/firewall/customer premises equipment
- Aptitude and experience with programming the network versus configuring networks.
- Solid understanding of the high-level design criteria for leading large data/voice service provider security networks in a decentralized environment
- Industry experience designing and configuring ethernet networks for large scale customers.
- Expert understanding of IP routing (MPLS and BGP) technical specifications
- Specific knowledge of Fortinet, F5, Arista, Cisco and Juniper routers, especially ASM/AFM/Fortimanager/analyzer/converter and ASR, MX, NCS series is helpful.
- Expert understanding of IPv4, IPv6, Multicast and QOS DSCP marking.
- Validated Data Centers large networks with accurate & clearly detailed design
- Ensure timely proactive identification and reporting of security gaps and vulnerabilities to the critical business information, systems and network infrastructure.
- Assist with security compliance audits to verify completeness of required configurations and verify system hardening.
- Bachelor's Degree or Equivalent
- Engineering, Computer Science
- Generally requires 11+ years related experience
- Network and/or security certifications such as CCIE/CISSP/JNCIE/SANS GIAC, SSCP or other security certifications strongly preferred
- Perform proactive maintenance, upgrades and improvements in accordance with National Organisational Change procedures.
- Recommend, design, implement and maintain security connectivity solutions including Gigamon, RSA Netwitness, ExtraHop, Fortinet/F5/NSX firewalls, Symantec/Zscaler/Palo Alto/Forti Proxy, A10/F5 SSL technology.
- Contribute to the design, development and maintenance of the company’s network security environment, to ensure efficient and secure information flow.
- Perform advanced Orchestration security and network governance policies for both private and public connectivity issues involving dx/expressroute/gcp/Carrier Grade NAT/security products, firewall/ACL rules, complex routing and NAT rules.
- Must have strong written and verbal communication skills.
- Proven analytical and problem solving, ability to work under stress
- Comfortable with talking to other internal or external organizations regarding failure and incident response situations.
- Develop and document network security topology diagrams.
- Become familiar with Tableau, SharePoint, Jira, IOP/Service-now and other internal tools.
- Weekly on-call shifts, rotating approximately once every 2 months.
Comcast is an EOE/Veterans/Disabled/LGBT employer and all qualified applicants will receive consideration for employment without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex or any other legally protected category.
To apply for this job please visit topspotjobs.com.