Must-haves: -Setting up/Installation & Configuration of firewalls -Analyze logs & change firewalls -Checkpoint Provider 1 - Version R65 (the console they will -5+ be making changes in) + R71 -Work with 100's of servers - enterprise experience -Respond to tickets - 5-10 a week for all 4 business units, & report to B.U -Create Vlans off devices -Segment Network -Implement new rules to add on properties & applications -Must work nights if needed Plusses: -Cisco -CISSP is required Day-to-Day We need two mid-senior level Checkpoint Firewalls admins to sit on site in Indianapolis. The environment is 90% checkpoint, with some Cisco as well. They will be using Checkpoint Provider 1 (version R65, i.e. the console in which they will make all changes). There will be 100's of firewalls so this person must have experience in a large environment. They will be supporting the Business Units by reviewing, setting up & configuring Checkpoint firewalls in addition to segmenting the network. Interview Notes: -conversion of all Juniper firewalls to Checkpoint firewalls (don't need Juniper exp, only Checkpoint) -do the conversion, installation, and then slowly make the rules, policies on the networking side -managing traffic in and out on the network -ok with commute? SYSTEM REQO: Primary Function: The role of the Security Engineer is to be a part of security team that safeguards the enterprise infrastructure and information across Wyndham Worldwide holdings domestically and internationally. The position scope involves implementation, maintenance and configuration of key enterprise security initiatives. Specific initiatives include maintaining and configuring the following products as well as other security devices & operations: Check Point firewalls via Provider-1/SmartConsole, R65-R71 experience preferred Check Point VSX with firewall virtualization Tipping Point IPDS and SMS Management server systems systems Juniper VPN appliances Juniper firewall Cisco FWSN firewall and Cisco Security Manager (CSM) Cisco ASA/PIX site-to-Site VPN BlueCoat Proxy and content filtering Entrust RSA two factor configurations The Security Engineer is expected to maintain professional working relationships at all times. Contacts will include key corporate stakeholders, the Information Security Team, business unit personnel, associated working groups, and external contacts within the information security industry. The individual is expected to meet objectives with integrity and efficiency. Essential Duties and Responsibilities: * Proactively implements, updates, maintains, manages, monitors, and supports enterprise network and systems security operations infrastructure throughout the shared services environment * Performs change control and device configuration management activities on all security hardware * Provides management level reporting of firewall and Intrusion Protection System (IPS) activity on a periodic basis * Participates in security incident response team activities, providing and implementing tactical risk mitigation to incidents * Actively protects the availability, confidentiality, and integrity of customer, employee, and business information * Works with other Enterprise security team members to review security architecture and design documents to ensure consistency, accuracy and compliance with the articulated security posture and industry requirements * Provides vulnerability and threat management monitoring and Mitigation response * Participates in tactical and operational planning of vulnerability assessment activities * Contributes to Enterprise security team effectiveness by Accomplishing additional security related results as needed * Assists Senior and Lead Security Engineers in the review, development, testing and implementation of security plans, products and control techniques * Act in a supporting role in the execution of EIS projects and initiatives · Participates in operations and tactical planning Qualifications: * In depth knowledge of the OSI networking model, TCP/IP protocols, * In depth knowledge of network security best practices, and Firewall administration, especially Check Point Firewall-1 * Experience with Provider One or Check Point's Smart Center management station Tipping Point Intrusion Protection System management and configuration experience * Two years of security device management * Relevant security certifications preferred include: Check Point Administrator (CCSA) Check Point Engineer (CCSE) CISSP Security+ Other certifications may include: CCNA SSCP CCSP |
No comments:
Post a Comment