|Title:||Security Analyst III|
Our world headquarters is centrally located in Topeka, KS, facilitating easy travel to all parts of the country. And Topeka enjoys close proximity to Kansas City and Lawrence, home of the University of Kansas, providing our Associates with multiple communities in which to reside.
The Security Analyst III is responsible for designing, engineering, implementing, and supporting/maintaining complex security infrastructure deployments. This includes analysis and support for the following technologies: Firewalls, IDS/IPS, UTM, VPN, Web Content Filters, Proxies, DLP, SIEM, and Log aggregation/correlation technologies.
- Responsible for the overall management of Enterprise client security infrastructure including the planning, design, deployment and 24x7 management
- Assists in the development and implementation of security policies, procedures and measures in a networking environment
- Prepare, Configure, Administer and Manage Firewalls, ACLs, VPN appliances, UTM, IPS/IDS and applicable Network management tools in a multi-vendor environment
- Provides complex design, best practices, engineering, implementation, maintenance, and hardware/software upgrade of overall security infrastructure for the client.
- Perform security architecture reviews and develop detailed engineering design and deployment plans in order to identify and prevent security breaches
- Creates and revises network and security documentation
- Prepares status reports on security matters to develop security risk analysis scenarios and documents solutions
- Provide Audit support
- Provide support and troubleshooting on network security. Participates in an on call rotation to provide 24x7 support
- Maintains thorough knowledge of existing security hardware / software and related vulnerability assessments in use to provide third-tier technical and administrative support
- Day to day monitoring and performance and tuning of the security functionality.
- Proactively anticipates networking and security needs for planning and budgeting
- Reviews security service changes and maintenance arrangements.
- Remains informed of new security technologies and trends; evaluates and makes technology recommendations to management for the continual improvement of the network infrastructure
- Provide Audit support and maintain network security environments to comply with relevant compliance standards (e.g. Sarbanes-Oxley)
- Responsible for review and quality control of team members work
- Vendor Management
- Educates and train other engineers and users about network security policies and consults on security issues
- Prioritize tasks and allocate time to successfully complete projects with minimal supervision
- Extensive experience in planning, managing, and maintaining local area networks (LAN) and wide area networks (WAN)
- Ability to apply past experience and industry proven practices to develop security solutions in medium to large-scale enterprise environments
- Ability to manage multiple projects and deadlines
- Ability to train other engineers on specific technologies
- Ability to translate customer requirements into advanced technical solutions
- Ability to clearly articulate technical designs, constraints, processes, etc.
- Strong analytical and problem resolution skills and experience in enterprise environment.
- Good presentation/communication skills for technical and non-technical concepts
- Excellent interpersonal skills with the ability to establish strong relationships with management and technical personnel
- Self-directed to complete tasks in a timely manner with minimal supervision
- College education and in depth knowledge of network security technologies is required.
Industry/vendor security certifications preferred
- ISC2, CISSP, SANS, Cisco CCIE, CCNP or CCSP, Juniper JNCIA, Network+, Security+, etc.
- Must have a minimum of 5 years experience in operating and engineering security infrastructure for large Global Enterprise networks.
A minimum of 3 years experience in the design and implementation of advanced security solutions, including:
- Firewalls, UTMs, Application Proxy, VPNs, DDOS prevention, IDS/IPS, Email, Anti-Virus, Malware, NAT, PAT, and ACLs
- Experience with user and system authentication methodologies, Single Sign On, data authentication methods, authorization options (role-based authorization using Active directory attributes) required.
- Juniper, Palo Alto, Fortinet, Cisco (ASAs), etc. security based platforms
- Vulnerability Assessments
- An enterprise network with secure data centers as well as campus and global branch office networks
- Internet services (e.g., Internet Access, Web Services)
- Remote access services including IPSec & SSL VPNs
- Experience working with Packet capture technologies including Sniffer and TCP dumps
- Experience performing and participating in security audits
- Client relationship management experience
Equal Employment Opportunity Employer:
Qualified applicants are considered for employment without regard to race, color, creed, religion, national origin, ancestry, citizenship, age, sex, pregnancy, sexual orientation, marital status, disability, veteran status or any other protected status.
This employer participates in E-Verify.
NOTICE: Federal law requires all employers to verify the identity and employment eligibility of all persons hired to work in the United Sates.
This employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with information from each new employee's form I-9 to confirm work authorization.
IMPORTANT: If the Government cannot confirm that you are authorized to work, this employer is required to provide you written instructions and an opportunity to contact SSA and /or DHS before taking adverse action against you, including terminating your employment.
Employers may not use E-Verify to pre-screen job applicants or re-verify current employees and may not limit or influence the choice of documents presented for use on the Form I-9. In order to determine whether Form I-9 documentation is valid, this employer uses E-Verify's photo screening tool to match the photograph appearing on some permanent resident and employment authorization cards with the official U.S. Citizenship and Immigration Services' (USCIS) photograph.
If you believe that your employer has violated its responsibilities under this program or has discriminated against you during the verification process based upon your national origin or citizenship status, please call the Office of Special Counsel at 1-800-255-7688 (TDD: 1-800-237-2515).
For more information on E-Verify, please contact DHS at: 1-888-464-4218.
Right to Work Notice:
If you have the right to work, don't let anyone take it away.
If you have a legal right to work in the United States, there are laws to protect you against discrimination in the workplace.
You should know that -
- No employer can deny you a job or fire you because of your national origin.
- Unless mandated by law or government contract, employers cannot require you to be a U.S. Citizen or permanent resident or refuse any legally acceptable documents.
If any of these things have happened to you, you may have a valid charge of discrimination that can be filed with the OSC. Contact the OSC for assistance in your own language.
Call 1-800-255-7688. TDD for the hearing impaired is 1-800-237-2515.
In the Washington, D.C., area, please call 202-616-5593, TDD 202-616-5525
Or write to:
U.S. Department of Justice
Office of special Counsel - NYA
950 Pennsylvania Ave., N.W.
Washington, DC 20530