Job Summary
Candidate should possess over 10 years of experience for the L3 role and have the following skill set. Palo Alto Extensive experience in network administration, security, and architecture. Skilled in analyzing traffic patterns, performing packet captures, and understanding network protocols and applications such as HTTP, HTTPS, SSL, and TLS, as well as internet architecture. Strong background in planning, designing, and implementing infrastructure. Proficient in managing Palo Alto firewalls and log collectors using Panorama, including handling device groups, firewall templates, and template stacks. Adept at troubleshooting and resolving firewall issues efficiently. Responsible for delivering network security services for customers, focusing on firewalls (mainly Palo Alto and Illumio), IPS/IDS, and related solutions. Duties include administering network security devices, defining and managing policies and rules, troubleshooting issues, and performing device upgrades and patch management. Collaborates with Data Center and Network teams to integrate security measures, identify risks, and propose mitigation strategies. Measures and reports on Security Operational SLAs and KPIs, identifies areas for improvement, and develops improvement plans. Experienced in supporting, administering, and upgrading network hardware including firewalls and IDS/IPS, troubleshooting network security and firewall issues, managing external suppliers, and preparing and updating network security documentation. Designs and reviews firewall, VPN, and IDS/IPS installations, responds promptly to security incidents with thorough post-event analysis, updates and upgrades security systems as needed, and coordinates with remote users to install and configure equipment on site. Cisco ISE (Identity Services Engine) • Install, configure, and maintain Cisco ISE solutions to ensure secure network access. • Manage and optimize RADIUS and TACACS+ protocols for effective authentication, authorization, and accounting. • Integrate Cisco ISE with systems like Active Directory and Certificate Authorities to streamline identity management. • Implement and enforce network access control policies for wired, wireless, and VPN environments. • Set up guest access, device profiling, posture assessment, and BYOD policies. • Monitor, troubleshoot, and resolve network access and security issues related to Cisco ISE. • Analyze and address security incidents involving network access. • Develop and maintain comprehensive technical documentation, including configurations, policy records, and SOPs. • Offer ongoing support, recommendations, and training to stakeholders to enhance network security solutions. Zscaler Extensive knowledge of Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) architecture, deployment, policy design, and troubleshooting. Skilled in configuring, optimizing, and resolving issues for ZIA/ZPA across various user profiles, including roaming and branch offices. Comprehensive understanding of Zscaler cloud security features such as CASB, DLP, SSL inspection, threat protection (ATP), and zero trust network access. Strong troubleshooting abilities with user and device authentication methods (SAML, SCIM) and access flows. Experienced in security log analysis, packet capture, Fiddler, HAR files, and performance tuning. Solid grasp of enterprise networking protocols, including GRE, IPSEC, SSL VPN, and internet traffic flow. Hands-on experience with Zscaler inline tools, app connectors, service edges, and diagnostic tools. Good understanding of PKI and certificate management to effectively address user issues.
Key Responsibilities
Candidate should possess over 10 years of experience for the L3 role and have the following skill set. Palo Alto Extensive experience in network administration, security, and architecture. Skilled in analyzing traffic patterns, performing packet captures, and understanding network protocols and applications such as HTTP, HTTPS, SSL, and TLS, as well as internet architecture. Strong background in planning, designing, and implementing infrastructure. Proficient in managing Palo Alto firewalls and log collectors using Panorama, including handling device groups, firewall templates, and template stacks. Adept at troubleshooting and resolving firewall issues efficiently. Responsible for delivering network security services for customers, focusing on firewalls (mainly Palo Alto and Illumio), IPS/IDS, and related solutions. Duties include administering network security devices, defining and managing policies and rules, troubleshooting issues, and performing device upgrades and patch management. Collaborates with Data Center and Network teams to integrate security measures, identify risks, and propose mitigation strategies. Measures and reports on Security Operational SLAs and KPIs, identifies areas for improvement, and develops improvement plans. Experienced in supporting, administering, and upgrading network hardware including firewalls and IDS/IPS, troubleshooting network security and firewall issues, managing external suppliers, and preparing and updating network security documentation. Designs and reviews firewall, VPN, and IDS/IPS installations, responds promptly to security incidents with thorough post-event analysis, updates and upgrades security systems as needed, and coordinates with remote users to install and configure equipment on site. Cisco ISE (Identity Services Engine) • Install, configure, and maintain Cisco ISE solutions to ensure secure network access. • Manage and optimize RADIUS and TACACS+ protocols for effective authentication, authorization, and accounting. • Integrate Cisco ISE with systems like Active Directory and Certificate Authorities to streamline identity management. • Implement and enforce network access control policies for wired, wireless, and VPN environments. • Set up guest access, device profiling, posture assessment, and BYOD policies. • Monitor, troubleshoot, and resolve network access and security issues related to Cisco ISE. • Analyze and address security incidents involving network access. • Develop and maintain comprehensive technical documentation, including configurations, policy records, and SOPs. • Offer ongoing support, recommendations, and training to stakeholders to enhance network security solutions. Zscaler Extensive knowledge of Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) architecture, deployment, policy design, and troubleshooting. Skilled in configuring, optimizing, and resolving issues for ZIA/ZPA across various user profiles, including roaming and branch offices. Comprehensive understanding of Zscaler cloud security features such as CASB, DLP, SSL inspection, threat protection (ATP), and zero trust network access. Strong troubleshooting abilities with user and device authentication methods (SAML, SCIM) and access flows. Experienced in security log analysis, packet capture, Fiddler, HAR files, and performance tuning. Solid grasp of enterprise networking protocols, including GRE, IPSEC, SSL VPN, and internet traffic flow. Hands-on experience with Zscaler inline tools, app connectors, service edges, and diagnostic tools. Good understanding of PKI and certificate management to effectively address user issues.
Skill Requirements
Candidate should possess over 10 years of experience for the L3 role and have the following skill set. Palo Alto Extensive experience in network administration, security, and architecture. Skilled in analyzing traffic patterns, performing packet captures, and understanding network protocols and applications such as HTTP, HTTPS, SSL, and TLS, as well as internet architecture. Strong background in planning, designing, and implementing infrastructure. Proficient in managing Palo Alto firewalls and log collectors using Panorama, including handling device groups, firewall templates, and template stacks. Adept at troubleshooting and resolving firewall issues efficiently. Responsible for delivering network security services for customers, focusing on firewalls (mainly Palo Alto and Illumio), IPS/IDS, and related solutions. Duties include administering network security devices, defining and managing policies and rules, troubleshooting issues, and performing device upgrades and patch management. Collaborates with Data Center and Network teams to integrate security measures, identify risks, and propose mitigation strategies. Measures and reports on Security Operational SLAs and KPIs, identifies areas for improvement, and develops improvement plans. Experienced in supporting, administering, and upgrading network hardware including firewalls and IDS/IPS, troubleshooting network security and firewall issues, managing external suppliers, and preparing and updating network security documentation. Designs and reviews firewall, VPN, and IDS/IPS installations, responds promptly to security incidents with thorough post-event analysis, updates and upgrades security systems as needed, and coordinates with remote users to install and configure equipment on site. Cisco ISE (Identity Services Engine) • Install, configure, and maintain Cisco ISE solutions to ensure secure network access. • Manage and optimize RADIUS and TACACS+ protocols for effective authentication, authorization, and accounting. • Integrate Cisco ISE with systems like Active Directory and Certificate Authorities to streamline identity management. • Implement and enforce network access control policies for wired, wireless, and VPN environments. • Set up guest access, device profiling, posture assessment, and BYOD policies. • Monitor, troubleshoot, and resolve network access and security issues related to Cisco ISE. • Analyze and address security incidents involving network access. • Develop and maintain comprehensive technical documentation, including configurations, policy records, and SOPs. • Offer ongoing support, recommendations, and training to stakeholders to enhance network security solutions. Zscaler Extensive knowledge of Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) architecture, deployment, policy design, and troubleshooting. Skilled in configuring, optimizing, and resolving issues for ZIA/ZPA across various user profiles, including roaming and branch offices. Comprehensive understanding of Zscaler cloud security features such as CASB, DLP, SSL inspection, threat protection (ATP), and zero trust network access. Strong troubleshooting abilities with user and device authentication methods (SAML, SCIM) and access flows. Experienced in security log analysis, packet capture, Fiddler, HAR files, and performance tuning. Solid grasp of enterprise networking protocols, including GRE, IPSEC, SSL VPN, and internet traffic flow. Hands-on experience with Zscaler inline tools, app connectors, service edges, and diagnostic tools. Good understanding of PKI and certificate management to effectively address user issues.
Other Requirements
Candidate should possess over 10 years of experience for the L3 role and have the following skill set. Palo Alto Extensive experience in network administration, security, and architecture. Skilled in analyzing traffic patterns, performing packet captures, and understanding network protocols and applications such as HTTP, HTTPS, SSL, and TLS, as well as internet architecture. Strong background in planning, designing, and implementing infrastructure. Proficient in managing Palo Alto firewalls and log collectors using Panorama, including handling device groups, firewall templates, and template stacks. Adept at troubleshooting and resolving firewall issues efficiently. Responsible for delivering network security services for customers, focusing on firewalls (mainly Palo Alto and Illumio), IPS/IDS, and related solutions. Duties include administering network security devices, defining and managing policies and rules, troubleshooting issues, and performing device upgrades and patch management. Collaborates with Data Center and Network teams to integrate security measures, identify risks, and propose mitigation strategies. Measures and reports on Security Operational SLAs and KPIs, identifies areas for improvement, and develops improvement plans. Experienced in supporting, administering, and upgrading network hardware including firewalls and IDS/IPS, troubleshooting network security and firewall issues, managing external suppliers, and preparing and updating network security documentation. Designs and reviews firewall, VPN, and IDS/IPS installations, responds promptly to security incidents with thorough post-event analysis, updates and upgrades security systems as needed, and coordinates with remote users to install and configure equipment on site. Cisco ISE (Identity Services Engine) • Install, configure, and maintain Cisco ISE solutions to ensure secure network access. • Manage and optimize RADIUS and TACACS+ protocols for effective authentication, authorization, and accounting. • Integrate Cisco ISE with systems like Active Directory and Certificate Authorities to streamline identity management. • Implement and enforce network access control policies for wired, wireless, and VPN environments. • Set up guest access, device profiling, posture assessment, and BYOD policies. • Monitor, troubleshoot, and resolve network access and security issues related to Cisco ISE. • Analyze and address security incidents involving network access. • Develop and maintain comprehensive technical documentation, including configurations, policy records, and SOPs. • Offer ongoing support, recommendations, and training to stakeholders to enhance network security solutions. Zscaler Extensive knowledge of Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) architecture, deployment, policy design, and troubleshooting. Skilled in configuring, optimizing, and resolving issues for ZIA/ZPA across various user profiles, including roaming and branch offices. Comprehensive understanding of Zscaler cloud security features such as CASB, DLP, SSL inspection, threat protection (ATP), and zero trust network access. Strong troubleshooting abilities with user and device authentication methods (SAML, SCIM) and access flows. Experienced in security log analysis, packet capture, Fiddler, HAR files, and performance tuning. Solid grasp of enterprise networking protocols, including GRE, IPSEC, SSL VPN, and internet traffic flow. Hands-on experience with Zscaler inline tools, app connectors, service edges, and diagnostic tools. Good understanding of PKI and certificate management to effectively address user issues.