Bentley University is seeking a Senior Network Security Engineer to build and manage the network, anticipating and updating network architecture leveraging next generation tools. This engineer will manage risks, ensure availability, confidentiality, performance and integrity. The role is part of IT – Systems, Networks and Telecom, reporting to the Network Director with a dotted line into the Chief Information Security Officer (CISO).
The role of Senior Network Security Engineer includes key responsibilities such as:
Technical design of LAN/WAN
Configuration, troubleshooting, and analysis for Bentley's Network Infrastructure
Provide leadership and stay current on emerging network technologies
Lead the development and implementation of new network technologies (i.e. IPv6, SDN etc.)
The individual for this role must be knowledgeable in Cloud Services (SaaS, DRaaS) as well as IoT and can integrate them into Bentley's infrastructure. The University expects a high available network, as such, the Senior Network Security Engineer will monitor all network hardware and assures that the network is running 7 X 24. This position participation in an on-call rotation for second and third shifts. The Senior Network Security Engineer configures, monitors and manages the University's network and network security systems. This includes: firewalls, VPN appliances, routers, switches, IPS/IDS, and other vulnerability management software. This person will partner with an outside monitoring vSOC firm to conduct daily security log review, maintenance and archival of network security devices. Working with the CISO and outside firms, the engineer will perform internal and external security assessments and test to validate the effectiveness of the controls. Identifying and remediating network vulnerabilities is required. Troubleshooting and Resolution: The engineer must work to resolve security and network issues by working independently, with team members, with other University departments, and/or with consultants. Independently isolating variables, identifying problems and delivering a concise solution to fix problems is essential. The engineer will coordinate the management of multiple open issues and interface with vendors, other internal functional areas, and/or end users at all levels
Assist in the development and implementation of overall network security and architectural strategy.
Provide leadership to junior members of the network team.
Work well within a team, communicate to senior leadership and translate technical issues into clear and understandable business terms.
Ability to lead and manage network projects.
Perform detection and remediation of identified security events. Participate in incident response and forensics as required.
Configure, monitor and maintain all LAN/WAN equipment including Firewalls, routers, switches, Load Balancers, IPS/IDS, and VPN appliances.
Configure and Upgrade and/or install new hardware as required.
Make adjustments, additions or deletions to maintain maximum performance, reliability and security. Maintain and monitor university log management systems.
Upgrade and fine tune systems as necessary. Monitor and maintain remote user access. This includes: IPSec-VPN and SSL-VPN tunnels for faculty, staff and vendors. This includes adding and removing users in accordance with current policies. Providing up to date reports and keeping access current.
Strong knowledge in network and security technologies such as Ethernet, VLANs, 802.1q VLAN trunking, firewalls, IPS/IDS, Wireless, protocol analysis, TCP/IP (IPv4), AAA (Authentication, Authorization, Auditing), DHCP, DNS, VPN.
Familiarity with applicable laws and regulations (i.e. FERPA, HIPPA, PCI, DMCA).
A Bachelor's degree in Computer Science or related discipline preferred (or equivalent work-related experience) and a minimum of 5-7 years working as a network engineer, with previous senior level experience preferred. Strong knowledge with Juniper L2/L3 switches. Strong overall knowledge in routing and dynamic routing protocols (OSPF, BGP). Must have experience with Cisco ASA 5500 for IPSec and SSLVPN. Palo Alto firewalls, Cisco ASR series Routers. Preferred Experience with any of the following network security tools: Wireshark, Splunk and Tenable Nessus. A good understanding of Windows AD, VMware, DNS/DHCP. Solid experience in controller based, wireless networks, Aruba preferred. Preferred Qualifications include experience with networking in the cloud, particularly in the MS Azure environment.
Posting #: FY182P1673
Bentley University requires reference checks and may conduct other pre-employment screening.
Open Until Filled: No
Internal Number: 3800
About Bentley University
Bentley University is one of the nation's leading business schools, dedicated to preparing a new kind of business leader and one with the deep technical skills, the broad global perspective and the high ethical standards required to make a difference in an ever-changing world. To achieve our goal, we infuse our advanced business curriculum with the richness of a liberal arts education. The results are graduates who are making an impact in their chosen fields and turning their passions into success stories. Located on a classic New England campus just minutes from Boston, Bentley is a dynamic community of leaders, scholars and creative thinkers.