Huntington Bancshares - Indianapolis, IN

posted 2 months ago

Full-time - Mid Level
Indianapolis, IN
Management of Companies and Enterprises

About the position

The Network Engineer 3 is a vital member of the Infrastructure Security Services Team at Huntington National Bank, specifically supporting the Enterprise Network Organization. This team is tasked with the comprehensive research, project design, and initial implementation of security technologies, alongside the ongoing configuration and maintenance of environment standards. The role is crucial in providing subject matter expertise during security incidents, ensuring that the bank's network infrastructure remains secure and compliant with industry standards such as PCI, SOX, and CIS. The focus of this position is on network security technologies, particularly in the areas of network access control (NAC) and firewall infrastructure, which are deployed in alignment with zero-trust principles. In this role, the Network Engineer will primarily concentrate on the design and implementation of firewall security policies, utilizing Palo Alto Firewalls and Panorama. The engineer will also be responsible for enhancing network security solutions with a mindset geared towards security and automation. This includes leveraging Infrastructure as Code (IaC) concepts to manage configuration baselines using tools like Jinja2/YAML and GIT. Additionally, the engineer will participate in an on-call rotation, providing support and expertise as needed during incidents or outages.

Responsibilities

  • Design and implement firewall security policies utilizing Palo Alto Firewalls and Panorama.
  • Expertise in Network Access Control (NAC) and Segmentation solutions such as Cisco ISE, Elisity, Forescout, or Fortinet.
  • Build and enhance network security solutions with a secure and automate first mindset.
  • Leverage Infrastructure as Code (IaC) concepts to manage configuration baselines via Jinja2/YAML and GIT.
  • Participate in an on-call rotation.

Requirements

  • Bachelor's Degree
  • 7+ years of hands-on large scale Enterprise network deployment and configuration.
  • 7+ years of hands-on Palo Alto Panorama (configuration and maintenance).
  • 7+ years of hands-on experience in Network Access Control (802.1x and TrustSec/SGT).
  • Background and knowledge of IPSec/SSL remote access technologies including management of policy, client authentication, and infrastructure support.

Nice-to-haves

  • Current Palo Alto PCNSE Certification
  • Financial Services background a plus.
  • Ability to execute on IT project initiatives with minimal oversight.
  • Ability to work both as a team and independently to accomplish goals.
  • Security subject matter expert with strong ability to partner with Information Security organizations and Business Units.
  • Strong communication skills (both verbal and written) with ability to create runbook documentation and operational/implementation turn-over support of new technologies.
  • Expertise in Network Access Control policy and solutions, preferably with Cisco Identity Services Engineer (ISE).
  • Experience with Cisco ASA or Firepower firewalls support Cisco remote access solutions.
  • Evaluate, design, implement, operate, and maintain Palo Alto Panorama and Firewalls.
  • Knowledge and experience using or deploying Secure Access Service Edge (SASE) technology such as iBoss, zScaler, or Palo Alto.
  • Expertise in Palo Alto URL Filtering, AppID and decryption.
  • Expertise in Palo Alto Panorama Templates.
  • Strong design skills of data center and DMZ design.
  • Experience with security policy enforcement and firewall deployments in public/private cloud environments.
  • Perform risk assessments on IT products and services and make appropriate recommendations.
  • Experience in scripting/automation methodologies (Python, Ansible, Bash).
  • Experience with Service Now Change Control.
  • Risk and vulnerability analysis.
  • Network IoT/OT segmentation practices and solutions.
  • NIST Zero Trust Architecture, SOX, PCI, SOC2.
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service