Infrastructure Network Security Engineer

  • Harvard University
  • Cambridge, MA, USA
  • Mar 07, 2018

Job Description

Duties & Responsibilities
Harvard University Information Technology (HUIT) is a community of Information Technology professionals committed to understanding our users and devoted to making it easier for faculty, students, and staff to teach, research, learn, and work through the effective use of information technology. We are recruiting an IT workforce that has both breadth in their ability to collaborate and innovate across disciplines - and depth in specific areas of expertise. HUIT offers opportunities for IT professionals to learn and work in a unique technology landscape and service-focused environment. If you are a technically proficient, nimble, user-focused and accountable IT professional who also connects with the importance of collaborating well in a team environment we are looking for you!

The Network Security Engineer works on the InfraSecOps team, reporting to the Manager of Infrastructure Security Operations. This engineer is responsible for securing network security hardware and software, enforcing the network security policy and complying with requirements of both internal and external security audits and recommendations.

• Coordinate and execute Network Security operations activities including but not limited to firewall policies, router ACL, Proxy service requests.
• Analyze server, network and firewall logs while scrutinizing network traffic and troubleshooting as necessary.
• Execute vulnerability and intrusion detection scans, analyze reports, and produce recommendations.
• Establish and maintain processes and models to discover and remedy security incidents detected by InfraSecOps and HUIT Information Security.
• Proactively monitor security systems and perform preventative maintenance and security updates to prevent performance impacts to systems and business functions.
• Perform analysis of network security needs and contributes to design, integration, and installation of security hardware and software.
• Design, plan and implement projects as to support the day-to-day production requirements and disaster recovery initiatives.
• Create, maintain and update operational documentation of client security infrastructure, communication flows, and routing necessary to support the environment.
• Support Infrastructure Technology Services (ITS) DevOps and other operational teams when new systems or servers are introduced or new clients are on boarded or migrating to Cloud.
• Apply troubleshooting and root cause analysis methodologies to resolve security incidents detected on the network.
• Collaborates with senior team members to identify issues involved in the integration and enhancement of the processes and tools utilized in efficient and stable ACL and firewall maintenance and develops plans to improve. Emphasis on automation practices.
• Participation in 24x7x365 on-call rotation.

Basic Qualifications

• Bachelor's degree preferably with coursework in computer science, information systems or information technology, or equivalent, related and progressive work experience.
• 5-7 years of progressive experience in an IT infrastructure or security.

Additional Qualifications
• Proven knowledge of on-prem and cloud network infrastructure and network security.Hands-on experience on Unix commands & editing, subnetting, and insight and follow-through to assure the proper application of standards and best practices regarding on-prem and cloud firewalls and ACL's.
• Hands-on experience with SIEM such as Splunk, security anomaly detection and prevention, and automate security initiatives.
• Experience managing project documentation, and establishing workflow processes that streamline incident resolution.
• Service mindset; strong customer focus; excellent written and oral communication; problem-solving skills, and team-orientation.
• Knowledge of:IPAM & DNS methodologies; Cisco and routers and switches, LAN and WAN protocols; Cloud Network and Security; Cisco ASA, Fortinet, AlgoSec, BlueCoat Proxy, and Splunk.
• Security-related certification - CISSP, Fortinet NSE, CCNA-Security, CCNP-Security a plus
• We seek a technical professional with an understanding of emerging technologies, technology trends and their applicability in a university setting.

EEO Statement
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, gender identity, sexual orientation or any other characteristic protected by law.