This job is no longer available. Continue your job search here.
Infrastructure Security Engineer
Bucharest
Job No. 11225187
Full-time - Remote
Job Description
Overview
Infrastructure Engineering platform is responsible for design, implementation and operation of infrastructure solutions interconnecting, protecting and managing the client network.
Key Responsibilities
• Due diligence of existing client’s platform, analyzing physical topology, logical interconnectivity, service dependency, application flows and security constraints according to existing and agreed methodology.
• Support and troubleshoot infrastructure network security elements and systems delivered by the project to the client during transition/handover period. That includes firewalls, intrusion detection systems, virtual private networks (VPN), security device management platforms, etc.
• Creating and maintaining technical documentation for the delivered or operated infrastructure. Raising and fulfilling changes, service requests, task records while adhering to agreed processes and procedures.
• Lifecycle management (patching), testing, acceptance, replacement and (re)provisioning.
• Developing connectivity and security solution in cooperation with Infrastructure and Application SMEs for solid end-to-end secure communication using existing industry standards, best practices and know-hows fitting it into existing infrastructure and operations framework.
• Communicating with technical stakeholders to understand requirements, challenges and risks.
Qualifications
Role Requirements
• Have 1+ year(s) of infrastructure security experience working with at least 1 of major firewall platforms (Palo Alto, Juniper, Cisco, Fortinet, etc.). Certificate for any of the platform is a plus.
• Alternatively have 1+ year(s) experience in Data Centre Security and micro-segmentation (zero-trust model and core segmentation, NSX, ACI, Tetration, etc.)
• Alternatively have 1+ year experience with Cloud Security platforms – either cloud edge IaaS firewall or Cloud SaaS solution (Cisco CSR/vMX, Cisco AMP/SIG, CheckPoint, zScaler, PRISMA, etc.)
• Have a good understanding of networking – either classic (switching, dynamic routing protocols, static and rule-based routing, etc.) or cloud (VPC, peering, gateways, SD-WAN secure fabric). Certificate in any networking area is a plus.
• Have a good knowledge of encryption and tunneling protocols (PKI, IPSec, SSL VPN, TLS, IKE, IKEv2, etc.)
• Understand application protocols in context of OSI network layers and content inspection (Load-balancing, WAF, IPS, IDS, etc.)
• Understand cloud technologies and infrastructure virtualization (IaaS, PaaS, SaaS, NFV, SDN, SD-WAN)
• Understand baseline security requirements and platform hardening principles. • Be flexible for international business trips to attend client meetings or workshops or perform remote site installation and configuration.
• Have good verbal communication skills (English) in both technical and non-technical communications.
• Have good experience creating design documents (HLD, LLD) diagrams (Visio) and presentations (PPT)
• Have good analytical mindset for problem solving under stress and time pressure.
We offer:
• Benefits packages
• Training package on various technologies (e.g. SDN, Cisco, Fortinet, VMware, different Cloud platforms, etc.) and possibility to gain a certification.
• International teams and multilingual environment
• Access to the latest high-tech solutions and opportunity to specialize in other technologies
• Ability to learn from the best IT experts on the market
