Network and Security Director

Prefer local candidates or candidates that can relocate :

Job Description :

Position Overview

The primary responsibility of the Network & Security Director includes security configuration management, patch management, certificate management, assessment of and remediations actions of firmware; firewall rules, proxy rules; and all end points (workstation, mobile, network, server, cloud apps). This role will lead the team of Network & Security Engineers supporting the IT environment. This role will leverage data to drive decisions, explore solutions, create lessons learned, understand failures, and improve manual activities with automation. This position leads the IT Security team and utilizes leadership influence and collaboration with other IT team resources & partners with Cyber Security organization to drive the secure configuration(s) of the enterprise.

Essential Duties & Responsibilities

Support the IT Operations function with it’s primary goals of RUN, MAINTAIN and SUSTAIN

Provide strategic leadership, and direction to the IT Security team providing direction to a distributed and remote team of Security Engineers.

Managing and inventory of service accounts used throughout the desktop computing environment, including the associated software / applications for which they are used

Managing and inventory of generic and / or shared user accounts used throughout the organization

Managing InTune including deployment of IT Security end point agents, desktop patch deployment status, etc.

Ensuring that patches are deployed to all supported workstations, servers, network devices and applications to maintain compliance

Ensuring the secure configuration of all supported workstations, servers, network devices and applications

Managing submission of exceptions to Cyber Security related to patch and configurations that cannot be applied

Facilitate change control and management for patching, configuration, , upgrades and certificate implementation for the enterprise

Responsible for run and maintain support of the cyber security tool suite

Ensure tool effectiveness in terms of making sure it is running according to vendor specification, configuration, and deployment requirements

Ensure package development used to roll end point agents and associated configurations out across the desktop computing environment.

Maintaining an inventory of all deployed network devices including; firewalls, routers, switches and other network components.

Maintain an inventory of all Virtual Local Area Networks and Internet Protocol Address Maangement (IPAM)

Managing deployment of secure configurations and firmware packages for all network devices where security posture is affected

Ensurethat security firmware updates are tested, certified and deployed to all supported network devices

Work with compliance & audit staff to identify areas of risk and mitigation plans

Maintains direction and focus through proactive planning and organized approaches to work

Establishes goals, monitors progress toward them, and ultimately achieves these goals

Deliver all services to customers within or exceeding SLAs

Oversee the deployment of new network, releases, infrastructure, and services

Expand and enhance the capabilities of the team to manage the enterprise environment

Support the operation of solutions to manage a multi-site network in an enterprise environment

Maintain configurations for Aruba switches, routers and APs and other cloud infrastructure PAAS and IAAS services in accordance with company security guidelines

Monitor efficiency and consistency of delivery by developing automation for integrations and improvements

Ensure support for Cisco IP Telephony service through an MSP relationship and Teams integration.

Report on adherence to reliability metrics and resource consumption

Support service providers, vendors, and other peer teams through collaboration and effective communication

Contribute to enhancement of, and ensure adherence to IT policies and standards

Maintain desired state configurations for network and security technology solutions, as well as reporting standards

Collaborate with other enterprise infrastructure teams to develop and document best practices and patterns of deployment

Identify risks and issues and escalate to management accordingly

Responsible for obtaining adherence to reliability metric objectives and optimized resource consumption

Develop and document best practices and patterns of deployment

Proactively identify gaps, risks and issues and escalate to management accordingly

Distill and effectively present information to senior leaders

Establishes a resource planning and capacity management process and aligns resources across the IT organization for key programs

Perform job duties in a safe manner.

Attend work as scheduled on a consistent and regular basis.

Perform other related duties as assigned.

Technical Skills

Firewall technologies including nextgen application firewalls, appliances and physical devices

Internet proxies, reverse proxies and related filtering technologies

Systems management software such as InTune, Jamf, Landscape,

Vulnerability scanning technologies such as Rapid7, Qualys, Nessus

Software vulnerabilities testing and remediation (OWASP / SANS CWE)

Container platforms and orchestration with Docker and Kubernetes

Scripting with Python, Power Shell, Bash / KSH, YAML

Infrastructure technologies from VMWare, Linux, Microsoft, HCI, Docker

Virtualization with VMware, Kubernetes

O365, Exchange, Identity and Collaboration platforms

Network topologies, protocols, and standards

Network configuration and administration with Cisco, Azure, Silver Peak, Aruba

Network access and traffic control with Checkpoint, Zscalar, SDWan, SDLan

Monitoring with ITRS, Big Panda, App Dynamics, Dynatrace

Minimum Qualifications

Proof of authorization to work in the United States

Preferred : BA / BS degree in Computer Science, Engineering, or related discipline

10+ years of relevant work experience

Ability to prioritize work in a highly complex environment

Ability to influence and mentor others

Candidates should demonstrate technical acumen across several of these disciplines :

Aruba networking platforms including core and edge switches, UXI and Wi-Fi implementations

Aruba Central management platforms

Strong skills to manage complex routing and VPN environments in both an on-prem and cloud infrastructure

Solid experience using zScaler or similar proxy services

Deep understanding of firewall configurations and deployments in both an on-prem and cloud-based environment, such as WAF

Mastery of network topologies, routing protocols, and standards

Expertise managing encryption such as PKI, block cipher, AES, RSA, etc.

Expertise with certificate management, architecture, deployment, lifecycle management.

Experience with password vaulting and secrets management using products such as Bitlocker, BeyondTrust, Azure Vault, etc.

Network configuration and administration with Azure, Silver Peak, Aruba and Checkpoint

Familiarity with access control models and network security

Experience with monitoring platforms such as ITRS Geneos / Opsview

Experience working in an advanced service desk environment such as ServiceNow for incident management, request fulfillment and problem management.

Familiarity with regulatory requirements and controls for legislation such as : HIPAA, COPPA, FCRA, GLB and GDPR

Monitoring and diagnosing performance issues

Designing, writing and updating both system documentation and network diagrams

Perform software / firmware updates to all network devices

Participate in on call duty rotation

In-depth understanding of communication protocols (mainly TCP / IP) and routing protocols (e.g. BGP, OSPF)

Extensive experience in technical design, strategic planning, budgeting and allocation, implementation, information security, and technology assessment

Familiar with IT Security concepts, design principles, best practices, standards, and processes

Exceptional analytical, statistical, quantitative, and deduction skills.

Ability to communicate clearly in a multicultural, multinational environment with both technical and non-technical business stakeholders, as well as executive level management.

Ability to represent information in graphical forms including using modeling languages, developing process flows, creating data and topology diagrams, etc.

Understanding of business processes and fundamental corporate finance, management, and accounting principles

Knowledge of secure coding best practices and security framework standards : NIST, COBIT, ISO

Proficiency working in continuous integration and deployment (CICD), DevOps, or SRE

Must be able to work varied shifts, including nights, weekends and holidays.