Verizon – Firewall Policy Engineer
Firewall Policy Engineer| Network | Branchburg, NJ, USA – July 2014
Lead efforts to provide network security designs, solutions, deployment strategies, and technical documentation for the VZW IP Security Networks in our various MSCs and Network Equipment Centers. Participate in design discussions with VZW NNO Planning and Design Teams to design new secured network segments and transport systems security policies for these locations.
Responsible for analyzing new application data flows and designing firewall policies that support application requirements, adhere to VZW security practices, and meet project timelines. Responsible for analyzing firewall change requests and integrating changes into existing firewall policies, while maintaining security standards. Responsible for analyzing requirements and designing VPNs that provide secure connectivity to VZW Partners and Vendors.
Lead efforts to create new MSC and Network Equipment Center security designs based on current business needs, capacity increases, customer growth, directional platforms and emerging technology releases.
Lead forums and projects on the above and work with other Security, Transport Systems, and CDS teams to discuss and solicit feedback on the designs, standards and implementation approaches. Provide technical leadership and guidance to other members of the Security team.
- Develop and maintain security documentation and standards documents, as required.
- Manage, maintain, and configure security network hardware (ex. Firewalls, Logging Systems, Security Provisioning Systems) when necessary. Provide higher tier technical support to the DSO-I, FSI, DSO-M and DSE teams on all security related networking issues.
- Must support the migration of firewall policies to F5 AFM firewalls. This activity requires knowledge of the Big-IP and Big-IQ firewall modules to assist in solving complex problems associated with these platforms.
- Must be able to troubleshoot and determine root cause of potential issues related to F5 AFM firewalls.
- Bachelor’s degree in Electrical Engineering, Computer Science, Information Technology, or related field.
- Must have strong knowledge of the following
- Checkpoint NGX R65 (or later) security gateways
- Checkpoint Provider -1/Smart Domain Manager (R75)
- Nokia Voyager/Checkpoint Secure platform
- VPN setup and administration
- Juniper ISG 2000 platforms
- Juniper SRX 5800 & 3600 platform
- Juniper NetScreen Manager
- Juniper Network Security Manager
- 3+ year experience with managing firewall rules/policy in a large scale environment
- Experience leading and participating in technical sessions, to lead projects that span multiple organizations, and to coordinate technical, implementation and/or troubleshooting discussions.
- A strong understanding of structured network design and the OSI Interconnect Model, especially how it relates to the design and deployment of structured networks, is required as well as strong project management skills, strong interpersonal and communications skills (written and oral), and the ability to handle multiple projects simultaneously.
- General networking knowledge and good troubleshooting skills
- Familiarity with packet capture tools (TCPdump/FW monitor/Wireshark)
- Strong interpersonal, and written/verbal communication skills
- Must have basic knowledge of the following:
- Juniper ISG/SRX hardware build
- Intrusion Detection and Prevention (IDP) concepts
- Intrusion Detection System (IDS) concept
- Access Control Lists (ACL) concepts (Cisco & Juniper)
- Routing and routing Protocols (OSPF & BGP)
- F5 Big IQ Security Manager
- Equal Employment Opportunity
- Verizon is a Federal Contractor
- Verizon requests veteran priority referrals
- Verizon is an equal opportunity and affirmative action employer M/F/Disability/Vet.