Black & Veatch
Sr. Network Security Engineer
Black & Veatch allows you to lend your talent and perspective to humanity's biggest challenges in a flexible environment where you are empowered to grow and explore new possibilities. We offer competitive compensation; 401K match and benefits that start day 1. Our hybrid environment allows you to balance your work and personal life. At Black & Veatch, you own your career with purpose and meaning. You are empowered to grow and explore new possibilities at every step of your career journey. Bring your big ideas knowing you are safe to be who you are and speak up with concerns or questions and put your diverse talents and perspectives to use. The Opportunity
As the Sr. Network Security Engineer, you will have the opportunity to: Serve as a technical network security engineer, configuring, monitoring, and maintaining security standards on next-generation firewalls and security service edge solutions Ensure traffic is segmented, inspected, and managed per policy and business needs Be network security lead for offshore engineering staff in troubleshooting, daily tasks, and change oversight Key Responsibilities
Configure, administer, and maintain all network security hardware/software, monitoring tools, and security management portals Install, configure, and maintain complex multi-site VPN & TCP/IP networks Develop, recommend, and implement new and updated procedures together with key stakeholders to ensure an effective, streamlined, secure, and scalable operation and solution Maintain access to services such as applications, servers, routers, and related software and hardware via VPN Troubleshoot and resolve network performance problems Monitor and troubleshoot firewalls, logs, and connectivity issues Develop and support network automation and maintenance scripts Network firewall capacity planning Assists with the planning and implementation of the overall VoIP Connectivity solution. Proactively engages peers to understand key metrics for the business. Proactively researches and identifies new products and technologies that align with the strategic vision of the organization. Proactively seeks out educational opportunities to ensure long-term growth for this position. Stay abreast of current and future industry trends related to network firewall technologies and application toolsets. Preferred Qualifications
Degree in Computer Science, Business Administration or related discipline 8+ years' hands-on experience working in heterogeneous TCP/IP intensive environments Strong understanding of security architecture & protocols, SASE/SSE solutions, VPNs, NAT, SSL/TLS, and IPSec Experience with network troubleshooting, capacity planning, performance tuning, firewall security design, and security best practices Demonstrate a high-level hands-on experience of working directly with each of the following: Palo Alto (plus Panorama/Prisma Access) Cisco Security (ASA, ISE, Firepower NGFW) Cisco Secure Client/AnyConnect Security Secure Edge (SSE) Solutions (Zscaler/Prisma Access/Cisco Secure Client) Network Monitoring and Management Demonstrate general hands-on experience working with each of the following: Network routing protocols (BGP/OSPF) Cisco Data Center Networking F5 Load Balancing High level of independent thinking and the ability to solve problems in a fast-paced environment Ability to engage in deep system level problem determination and resolution Must be able to work well within a technical team, as well as interface well with the outside business units Excellent organization skills, the ability to multi-task and prioritize various types of work and be able to meet/set deadlines for all assigned work Excellent interpersonal and communication skills (both written and verbal), able to relate with users, service providers, and management Ensures all solutions adhere to applicable change control requirements Must be able to respond to, and work on, after hours issues related to all technologies/protocols/solutions Self-motivated, proactive approach, able to work well independently in support of customer service level agreements Occasional travel will be required. Must be able to travel without restriction, when required Carries out duties in compliance with established business policies Responsible for exhibiting professional behavior with both internal/external business associates that reflects positively on the company and is consistent with the company's policies and practices Understands and is aware of the quality consequences which may result from the improper performance of their specific job. Has awareness of device defects that may occur in their area of responsibility, including product design, verification and validation, manufacturing and testing activities Minimum Qualifications
Bachelor's degree 8-10 years experience All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations. Work Environment/Physical Demands
Hybrid or flexible work options may be offered after the first 90 days of employment based upon manager discretion, job performance and work assignments. Salary Plan
ITS: Information Technology Service Job Grade
006
Black & Veatch allows you to lend your talent and perspective to humanity's biggest challenges in a flexible environment where you are empowered to grow and explore new possibilities. We offer competitive compensation; 401K match and benefits that start day 1. Our hybrid environment allows you to balance your work and personal life. At Black & Veatch, you own your career with purpose and meaning. You are empowered to grow and explore new possibilities at every step of your career journey. Bring your big ideas knowing you are safe to be who you are and speak up with concerns or questions and put your diverse talents and perspectives to use. The Opportunity
As the Sr. Network Security Engineer, you will have the opportunity to: Serve as a technical network security engineer, configuring, monitoring, and maintaining security standards on next-generation firewalls and security service edge solutions Ensure traffic is segmented, inspected, and managed per policy and business needs Be network security lead for offshore engineering staff in troubleshooting, daily tasks, and change oversight Key Responsibilities
Configure, administer, and maintain all network security hardware/software, monitoring tools, and security management portals Install, configure, and maintain complex multi-site VPN & TCP/IP networks Develop, recommend, and implement new and updated procedures together with key stakeholders to ensure an effective, streamlined, secure, and scalable operation and solution Maintain access to services such as applications, servers, routers, and related software and hardware via VPN Troubleshoot and resolve network performance problems Monitor and troubleshoot firewalls, logs, and connectivity issues Develop and support network automation and maintenance scripts Network firewall capacity planning Assists with the planning and implementation of the overall VoIP Connectivity solution. Proactively engages peers to understand key metrics for the business. Proactively researches and identifies new products and technologies that align with the strategic vision of the organization. Proactively seeks out educational opportunities to ensure long-term growth for this position. Stay abreast of current and future industry trends related to network firewall technologies and application toolsets. Preferred Qualifications
Degree in Computer Science, Business Administration or related discipline 8+ years' hands-on experience working in heterogeneous TCP/IP intensive environments Strong understanding of security architecture & protocols, SASE/SSE solutions, VPNs, NAT, SSL/TLS, and IPSec Experience with network troubleshooting, capacity planning, performance tuning, firewall security design, and security best practices Demonstrate a high-level hands-on experience of working directly with each of the following: Palo Alto (plus Panorama/Prisma Access) Cisco Security (ASA, ISE, Firepower NGFW) Cisco Secure Client/AnyConnect Security Secure Edge (SSE) Solutions (Zscaler/Prisma Access/Cisco Secure Client) Network Monitoring and Management Demonstrate general hands-on experience working with each of the following: Network routing protocols (BGP/OSPF) Cisco Data Center Networking F5 Load Balancing High level of independent thinking and the ability to solve problems in a fast-paced environment Ability to engage in deep system level problem determination and resolution Must be able to work well within a technical team, as well as interface well with the outside business units Excellent organization skills, the ability to multi-task and prioritize various types of work and be able to meet/set deadlines for all assigned work Excellent interpersonal and communication skills (both written and verbal), able to relate with users, service providers, and management Ensures all solutions adhere to applicable change control requirements Must be able to respond to, and work on, after hours issues related to all technologies/protocols/solutions Self-motivated, proactive approach, able to work well independently in support of customer service level agreements Occasional travel will be required. Must be able to travel without restriction, when required Carries out duties in compliance with established business policies Responsible for exhibiting professional behavior with both internal/external business associates that reflects positively on the company and is consistent with the company's policies and practices Understands and is aware of the quality consequences which may result from the improper performance of their specific job. Has awareness of device defects that may occur in their area of responsibility, including product design, verification and validation, manufacturing and testing activities Minimum Qualifications
Bachelor's degree 8-10 years experience All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations. Work Environment/Physical Demands
Hybrid or flexible work options may be offered after the first 90 days of employment based upon manager discretion, job performance and work assignments. Salary Plan
ITS: Information Technology Service Job Grade
006