Senior Network Security Engineer
Asset Mark - Atlanta, GA
posted 4 days ago
About the position
AssetMark is a leading strategic provider of innovative investment and consulting solutions serving independent financial advisors. We provide investment, relationship, and practice management solutions that advisors use in helping clients achieve wealth, independence, and purpose. As the AssetMark portfolio continues to grow, the Technology & Operations team is building technology and IT systems that meet the world class standard for which AssetMark is known. We build, implement and maintain the business systems and technology that are critical for delivering AssetMark's services, while articulating the long-term technology strategy that will enable AssetMark's growing solutions that improve the lives of our advisors and their clients. Within our Security, Network, & Infrastructure teams, there has never been a busier or more urgent time to obtain the best talent we can for this critical function. In light of the constant threats and attacks occurring in companies across the globe, and across all industries, the Cloud Network Team at AssetMark is a growing group of cyber security networking professionals, using the latest tools and resources to protect the assets from our internal infrastructure to the solutions used by our advisors and clients. We are tasked with protecting, training, and implementing the best of the best in tools, resources, monitoring, routing, threat detection, and more.
Responsibilities
- Perform regular security audits of network infrastructure to identify vulnerabilities, ensure compliance with security policies, and validate the effectiveness of implemented controls.
- Design, implement, and maintain advanced security solutions, including firewalls, intrusion detection/prevention systems, VPN gateways, and cloud-native security tools.
- Collaborate with IT stakeholders and network administrators to ensure secure, scalable, and efficient network designs that align with organizational standards.
- Develop and maintain automated reporting systems to monitor and present network security metrics and trends to executive management and key stakeholders.
- Develop, maintain, and enforce network security policies, procedures, standards, and guidelines in line with industry best practices and regulatory/compliance frameworks.
- Lead comprehensive security assessments of new and existing network configurations, including affiliated systems, to identify risks and recommend mitigation strategies.
- Work closely with cross-functional teams (e.g., Internal Audit, Legal, Compliance, Privacy) to strengthen the organization's network and cybersecurity posture.
- Create and maintain custom automation scripts using APIs and scripting languages to streamline network management, security monitoring, and threat analysis.
- Document automation tools and scripts, ensuring clarity, usability, and adherence to internal standards.
- Monitor and fine-tune network performance, identifying and addressing bottlenecks, latency, and other performance issues.
- Troubleshoot and resolve complex network and security issues, escalating where necessary, and implementing solutions to prevent recurrence.
- Manage relationships with network vendors, ensuring service quality and leveraging partnerships to optimize network performance and cost.
- Ensure robust connectivity across all sites, servers, endpoints, and network devices, incorporating redundancy and failover mechanisms where needed.
- Validate and optimize reference architectures and recommend enhancements to improve security, reduce risks, and ensure high availability.
- Lead or participate in incident response efforts related to network and security issues.
- Participate in an on-call rotation, responding to critical incidents and ensuring operational continuity during off-hours, including weekends.
- Other duties as assigned
Requirements
- Must be proficient in networking protocols including TCP/IP, UDP, HTTP/HTTPS, FTP/SFTP, DNS, DHCP, SNMP, SMTP/POP3/IMAP, and LDAP, along with their associated security measures and vulnerabilities.
- F5, Palo Alto, Cisco, Meraki, Azure network services, Front Door, NSGs, Route Tables.
- Azure Data Lake Storage experience desired.
- Network Architecture Experience with software defined networking for cloud native and marketplace tools (Palo Alto preferred).
- DevOps Hands-on work with GitHub or Azure DevOps and associated CI/CD tooling.
- Infrastructure as Code Experience utilizing Terraform to automate the deployment of Azure resources; standardization with Infrastructure-as-Code (IaC) implementations.
- Integrating with on prem Infrastructure Designing, implementing, and managing complex network infrastructures across cloud and on-prem environments.
- Exceptional verbal and written communication skills, specifically the ability to communicate within the context of the intended audience, whether that be senior executives or highly technical engineering resources.
- Detailed understanding of the threats faced by direct to consumer and digital platform organizations.
- Working knowledge of at least one programming language (Python, Go etc.).
- Hands on experience securing hybrid and cloud native infrastructure is highly preferred.
- Proven hands-on experience hardening network and security appliances.
- Detailed technical experience supporting and implementing SIEM & logging tools (Splunk, Kibana, etc.) and the ability to extract actionable intelligence from large volume aggregated log storage.
- Thorough understanding of Network and enterprise IT infrastructure and, specifically the security aspects thereof.
- Thorough understanding of compliance and regulatory frameworks and how they affect architecture designs and reviews.
Nice-to-haves
- Security certifications are a plus. (CISSP, CCIE, PCNSE, CISA, SANS, Security+, etc.)
- Microsoft AZ-700 certification desired.
Benefits
- Flex Time Off or Paid Time/Sick Time Off
- 401K - 6% Employer Match
- Medical, Dental, Vision - HDHP or PPO
- HSA - Employer contribution (HDHP only)
- Volunteer Time Off
- Career Development / Recognition
- Fitness Reimbursement
- Hybrid Work Schedule
