Network Perimeter Security Engineer
ClientSolv Technologies is an IT solution firm with over a decade of experience serving Fortune 1000 companies, public sector and small to medium sized companies. ClientSolv Technologies is a woman-owned and operated company that is certified as a WMBE, 8a firm by the Federal government's Small Business Administration.
We are seeking a Network Perimeter Security Engineer for a contract-to-hire role in the south Denver area. This role will be focused on a variety of IT Security initiatives to include: Network and Core Proxies, Policy Creation, Administration, Troubleshooting, Compliance, Monitoring, and Encryption.
- Experience with PKI, Tipping Point (or like IPS), and Database Activity Monitoring (DAM) is the most ideal experience for this role
- 8+ years of relevant professional system engineering or administration experience, with significant exposure to a variety of technologies and domains
- 5+ years of advanced working knowledge of Windows and Linux operating systems
- Experience automating server configurations to include standard build installations and system security hardening
Experience with any of the following would be ideal:
- Network Firewalls (Check Point, Fortinet, Palo Alto, Cisco, Juniper, McAfee, TippingPoint, etc.)
- Intrusion detection/prevention (TippingPoint, McAfee, Sourcefire, IBM, etc.)
- Network infrastructure (HPE, Aruba, Cisco, Juniper, etc.)
- Sandboxing and Analytics (FireEye, Damballa, Check Point, Fortinet, Palo Alto, etc.)
- Application security (F5, Imperva, Citrix, Akamai, etc.)
- Network proxies (Blue Coat, Zscaler, McAfee, Websense, etc.)
- Network admission control (NAC) (Aruba ClearPass, ForeScout, Cisco, etc.)
- Firewall management and auditing (FireMon, Tufin, AlgoSec, RedSeal, Skybox, etc.)
- Network packet brokers (Gigamon, IXIA, NetScout, etc.)
- SSL decryption (Blue Coat, F5, Gigamon, IXIA, etc.)
- Cloud access security brokers (CASB) (Symantec / Blue Coat / Elastica, Adallom, Skyhigh, etc.)
- Desktop security solutions (Symantec, McAfee, Bit9, Tanium, Trend Micro, Palo Alto Traps, CrowdStrike, Cylance, Bromium, etc.)
- Network and/or desktop encryption (BitLocker, Check Point / Pointsec, Gemalto / SafeNet, Thales / Vormetric, etc.)
- Public key infrastructure (PKI)
- Hardware security modules (HSM)
- Authentication solutions (RSA, Entrust, smartcard, biometrics, etc.)
- Database security (Microsoft, Oracle, IBM, Imperva, etc.)
- Data encryption solutions (HPE Secure Data, Gemalto / SafeNet, Thales / Vormetric, etc.)
- Data loss prevention (DLP) (Symantec, McAfee, Websense, etc.)
- Data governance (SailPoint SecurityIQ, etc.)
- E-mail encryption (Proofpoint, HPE SecureData, Microsoft, etc.)
- Virtualization on a large scale (VMware, Microsoft, Citrix, etc.)
- VM segmentation (VMware NSX, Illumio, vArmour, GuardiCore, etc.)
- System management and automation solutions (Symantec / Altiris, Microsoft, IBM / BigFix, etc.)
- Log collection and aggregation (ArcSight, McAfee / Nitro, Splunk, IBM/QRadar, etc.)
- OS Hardening (Windows, Linux, UNIX, etc.)
- File integrity monitoring (Tripwire, NNT, etc.)
Experience that is very nice to have:
- Experience centrally monitoring systems for alerts and incident management functions; preferable with Amazon CloudWatch
- Scripting language experience (Python, NodeJs, etc.), Strong working knowledge of automation tools such as (Puppet, Jenkins, and Chef).
- Working knowledge of RDS database such as PostgresSQL, Oracle, and MySQL
- Any of the following certifications – CISSP, SANS GCIH, Vendor Certifications (CISO, Palo Alto, McAfee, IBM etc).
- A technical Bachelor degree is preferred.
This contract-to-hire role is located in Englewood, CO and will work a rotation of onsite and remote weekly.