Date Posted: 2019-10-08 | Date Modified: 2019-02-06 | Expires: 2019-11-07

Security Consultant

Job Description

- In depth understanding and experience in Security protocol technologies.
- Experience designing, deploying and supporting dynamic routing protocols
- Good understanding on solution designing and implementation of Force scout NAC solution.
- In depth understanding and experience in working with Bluecoat proxy
- In depth understanding and experience in Sophos proxy
- Capable in handling the proxy issues and additional deployment according to business requirement.
- Experience in designing the proxy
- Good hands on exposure on Remote Access VPN - Cisco ASA.
- Provide production network deployment, configuration, support and upgrades of Cisco/ Palo Alto Firewall and Bluecoat proxy.
- Expertise in Cisco ASA along with the context base platform.
- Expertise in PaloAlto and capable in troubleshoot the high critical issue and implement new requirement according to business need.
- Experience in AWS cloud setup.
- Experience in Firewall/AV (Trend) within AWS cloud.
- In depth understanding on Antivirus (Trend AV) solution and deployment
- Expertise in troubleshoot on AV and understanding the security risks policy and providing remediation plan against the threats.
- Hands-on experience working with F5 Load Balancers- APM
- In depth understanding in troubleshoot on F5 APM and ability to address complex issues
- Thorough understanding of modern service provider TCP/IP data networks using standards and technologies. Experience configuring and managing Cisco ASA Firewalls
- Experience of managing large scale security network infrastructure and Data Centres kind of network.
- In depth knowledge of configuring and troubleshooting Cisco/Palo Alto firewalls, like ACL, Remote Access VPN, IPSEC VPN, SSL VPN, NAT, PAT, Clustering, End point security assessment
- Worked on Network Performance Monitoring and Troubleshooting
- Communicate effectively, both orally and in writing, including conveying technical subject matter clearly and concisely.
- Design & Implementation of Data Centre Firewall security
- Perform RCA for Major Incidents related to his / her tower Follow quality / security process defined for the engagement.
- Responsible for implementation and administration of network security hardware and software, enforcing the network security policy and complying with requirements of external security audits and recommendations
- Experience of large DC Network security architecture migration would be an added advantage.
- Day to day administration of L3 and escalated calls and provide resolution.
- Be proactive to anticipate issues or situations which impact service quality, as part of Problem management and Capacity Management functions
- Contributes to knowledge tools and communities, and ensures project learning's are documented, responsible to update the runbook.
- Able to work under pressure in a high-paced customer service environment, and able to prioritize multiple tasks effectively


Security NAC
• Subject matter expert (SME) for Cisco Identity Services Engine (ISE) solution, helping maintain stable operations while enhancing the service.
• Good Understanding on NAC Solution designing and implementation on Force Scout
• Understand the security architecture, implementation and improving security solution for Network Access Control.
• Configure and lead the configuration, policy creation, policy tuning in Cisco ISE solution.
• Extensive experience with Cisco Identity Service Engine solution in monitoring mode and enforcing mode, security posturing, compliance assessment.
• Continually assess security controls for deficiencies and drive remediate and improvement efforts.
• Experience with designing and deploying Cisco ISE (Network Access Control) infrastructure, creating new device profiles for 802.1X and MAB.
• Experience with establishing network access restrictions using Cisco SGT (Scalable Group Tags).
• Experience with 802.1x, WPA2 Enterprise, authentication and access controls in a mobile environment, and with mobile device security.
• Experience with working in a large enterprise environment, the associated challenges and their inherent security strengths and weaknesses.
• Experience with Cisco switches in configuring, troubleshooting and optimizing Network Access Device (NAD) configurations to ensure proper ISE functionality.
• Experience in EAPOL, EAP and PEAP authentication protocol.
• Experience on User and Machine Authentication – Certificate Based and LDAP/AD based.
• Stablishing a baseline ISE security rules/policies working with other service lane members
• Implementing redundant/HA Cisco ISE solution
• Radius and TACACS+ authentication and authorization methods
• Integrating Cisco ISE solution with enterprise PKI architecture
• Implement ISE solution for campus LAN, wireless, remote access and guest network environments
• Integrating ISE with enterprise patching and anti-virus solutions
• Understanding of Radius and TACACS authentication with Cisco ISE
• Understanding of remote access VPNs with PKI authentication
• Understanding of 802.1X authentication process
• Understanding of Cisco ISE remediation process
• Understanding of Cisco guest access authentication process

Requirements

- In depth understanding and experience in Security protocol technologies.
- Experience designing, deploying and supporting dynamic routing protocols
- Good understanding on solution designing and implementation of Force scout NAC solution.
- In depth understanding and experience in working with Bluecoat proxy
- In depth understanding and experience in Sophos proxy
- Capable in handling the proxy issues and additional deployment according to business requirement.
- Experience in designing the proxy
- Good hands on exposure on Remote Access VPN - Cisco ASA.
- Provide production network deployment, configuration, support and upgrades of Cisco/ Palo Alto Firewall and Bluecoat proxy.
- Expertise in Cisco ASA along with the context base platform.
- Expertise in PaloAlto and capable in troubleshoot the high critical issue and implement new requirement according to business need.
- Experience in AWS cloud setup.
- Experience in Firewall/AV (Trend) within AWS cloud.
- In depth understanding on Antivirus (Trend AV) solution and deployment
- Expertise in troubleshoot on AV and understanding the security risks policy and providing remediation plan against the threats.
- Hands-on experience working with F5 Load Balancers- APM
- In depth understanding in troubleshoot on F5 APM and ability to address complex issues
- Thorough understanding of modern service provider TCP/IP data networks using standards and technologies. Experience configuring and managing Cisco ASA Firewalls
- Experience of managing large scale security network infrastructure and Data Centres kind of network.
- In depth knowledge of configuring and troubleshooting Cisco/Palo Alto firewalls, like ACL, Remote Access VPN, IPSEC VPN, SSL VPN, NAT, PAT, Clustering, End point security assessment
- Worked on Network Performance Monitoring and Troubleshooting
- Communicate effectively, both orally and in writing, including conveying technical subject matter clearly and concisely.
- Design & Implementation of Data Centre Firewall security
- Perform RCA for Major Incidents related to his / her tower Follow quality / security process defined for the engagement.
- Responsible for implementation and administration of network security hardware and software, enforcing the network security policy and complying with requirements of external security audits and recommendations
- Experience of large DC Network security architecture migration would be an added advantage.
- Day to day administration of L3 and escalated calls and provide resolution.
- Be proactive to anticipate issues or situations which impact service quality, as part of Problem management and Capacity Management functions
- Contributes to knowledge tools and communities, and ensures project learning's are documented, responsible to update the runbook.
- Able to work under pressure in a high-paced customer service environment, and able to prioritize multiple tasks effectively


Security NAC
• Subject matter expert (SME) for Cisco Identity Services Engine (ISE) solution, helping maintain stable operations while enhancing the service.
• Good Understanding on NAC Solution designing and implementation on Force Scout
• Understand the security architecture, implementation and improving security solution for Network Access Control.
• Configure and lead the configuration, policy creation, policy tuning in Cisco ISE solution.
• Extensive experience with Cisco Identity Service Engine solution in monitoring mode and enforcing mode, security posturing, compliance assessment.
• Continually assess security controls for deficiencies and drive remediate and improvement efforts.
• Experience with designing and deploying Cisco ISE (Network Access Control) infrastructure, creating new device profiles for 802.1X and MAB.
• Experience with establishing network access restrictions using Cisco SGT (Scalable Group Tags).
• Experience with 802.1x, WPA2 Enterprise, authentication and access controls in a mobile environment, and with mobile device security.
• Experience with working in a large enterprise environment, the associated challenges and their inherent security strengths and weaknesses.
• Experience with Cisco switches in configuring, troubleshooting and optimizing Network Access Device (NAD) configurations to ensure proper ISE functionality.
• Experience in EAPOL, EAP and PEAP authentication protocol.
• Experience on User and Machine Authentication – Certificate Based and LDAP/AD based.
• Stablishing a baseline ISE security rules/policies working with other service lane members
• Implementing redundant/HA Cisco ISE solution
• Radius and TACACS+ authentication and authorization methods
• Integrating Cisco ISE solution with enterprise PKI architecture
• Implement ISE solution for campus LAN, wireless, remote access and guest network environments
• Integrating ISE with enterprise patching and anti-virus solutions
• Understanding of Radius and TACACS authentication with Cisco ISE
• Understanding of remote access VPNs with PKI authentication
• Understanding of 802.1X authentication process
• Understanding of Cisco ISE remediation process
• Understanding of Cisco guest access authentication process

Skills

Checkpoint Firewall Cisco 1800 Network Access Control (NAC)

Language Requirements

No language requirements

Education Degree

Bachelor's Degree

Visa Support

Yes
Email Job

Job Criteria

Job Type

Contract

Industries

#Information Technology and Services

Job Location

United Kingdom - Luton

Functions

Information Technology

Salary

Negotiable

Companies will apply to you too

Fill in your resume and companies will send you invitations to apply on their jobs and we will notify you directly on your email box .