Senior Network Engineer / Palo AltoApply Job ID: R-002486 Date posted: 04/16/2018 Primary Location SC-Fort Mill
Firewall Engineering and Management experience in a multiple active Data Center environment utilizing Palo Alto Next Generation Firewalls. Individual must have a strong Security focus with a deep understanding of data traffic types and their associated communication parameters. Good communication and task prioritization skills are required.
- Minimum 5+ years Engineering and administrating an enterprise level Palo Alto environment.
- Candidate must have a practical understanding of OWASP Top Ten Vulnerabilities and understand how to mitigate them with Palo Alto Firewalls.
- Remain current on common exploit and Malicious Software techniques
- Be familiar with current Advanced Persistent Threat (APT) models.
- Understand and apply policy to detect and defend against Attack Vectors.
- Select and implement a reliable Kill Chain to protect against APTs
- Hands on knowledge of TCP/IP and UNIX/LINUX variants.
- 5+ years Network Engineering experience.
- Experience managing a Firewall management for compliance to a given Security Framework such as NIST SP800-41, ISO 27001 or SANS Firewall Best Practices.
- Demonstrated experience and knowledge of network devices (routers, switches, etc.), including such topics as HTTP headers, ISO layers, and TCP flags.
- Ability to generate and read packet captures for troubleshooting of data traffic flow.
- Experience in scripting languages such as Python, PERL, BASH, etc.
- Knowledge of DNS configurations for both the Internet and Microsoft Active Directory.
- Fundamental knowledge of encryption to include HTTPS decryption and re-encryption to examine data traffic content.
- Vulnerability Analysis experience using a SIEM.
- Penetration Testing experience highly desirable.
- Ability to reduce vulnerability footprint of Palo Alto Firewall (Harden).
- Configuration of Network Interfaces and Zones on Palo Alto Firewalls.
- Experience in engineering, implementing and troubleshooting IPsec tunnels on Palo Alto Firewalls
- Directly implemented or supported enterprise class Palo Alto Firewalls such as PA-7000 Series Chassis and its associated Interface (Line) Cards.
- Experienced in Engineering, implementing and troubleshooting Panorama M-500 appliances
- Comfortable accessing and utilizing CLI functions of a Palo Alto Firewalls and Panorama management system.
- Firewall traffic and policy optimization
- Experience with implementing and supporting various Palo Alto Firewall modules such as Wildfire, Threat Prevention, URL Filtering and Antivirus
- Firewall Life Cycle Management skills required.
- Experience implementing Application Identification(APP-ID) objects
- Experience in assessing the requirements and creating an APP-ID is beneficial.
- Design and implementation experience with Global Protect for large scale Remote Access user base
- Experience in managing and optimizing Logging of Firewall traffic and Rule Base activity.
- Experience with Palo Alto Aperture for SaaS environments.
- Experience with establishing authentication with Microsoft Active Directory for identification and control of users and associated policies.
- Enterprise level Network Routing protocols such as OSPF and BGP configuration and troubleshooting highly desirable.
- Familiarity with Side Channel communications in a Palo Alto environment is helpful.
- Accurate and disciplined documentation skills required.
- Experience in Penetration Testing, Vulnerability Analysis, and Threat Research valuable.
- Excellent troubleshooting skills and ability to identify root causes of issues and provide solutions.
- Strong interpersonal and presentation skills, both oral and written, with the ability to articulate and educate others about complex technology with business acumen.
- Experience working within Federal or Public Regulatory Agency guidelines such as FINRA, PCI-DSS, NERC-CIP helpful.
- The individual in this position will be directly supporting the protection of the company and its external business relationships.
- Comfortable working with application developers.
- Palo Alto Professional Security Certifications desirable such as PCNSE.
- Security and Network Certifications desirable such as CISSP, CHFI, CEH, CCNP, CCNA.
- Bachelor’s Degree in Computer Science or equivalent experience.
About LPL Financial:
LPL Financial is a leader in the retail financial advice market and the nation’s largest independent broker/dealer*. We serve independent financial advisors and financial institutions, providing them with the technology, research, clearing and compliance services, and practice management programs they need to create and grow thriving practices. LPL enables them to provide objective guidance to millions of American families seeking wealth management, retirement planning, financial planning and asset management solutions. LPL and its affiliates have more than 3,700 employees with primary offices in Boston, Charlotte, and San Diego.
If you join LPL, you will join a culture that believes in delivering a world-class client experience and looks to all employees to contribute to that goal by sharing their creativity, experience, and passion for continuous improvement. As a destination of choice, our top priorities are growth and development, social responsibility, and financial health for our employees.
We offer competitive compensation and industry leading benefits, including a wellness facility with onsite fitness classes, healthy meal choices, and a walk-in clinic. We support employee financial health through a 401k match, ESPP, and employee discounts. Work/life balance is our foundation and is supported through paid holidays, and paid time off (including time to volunteer). We foster a diverse work environment through Employee Resource Groups and diverse strategic partnerships.
Join the LPL team and help us make a difference by turning life’s aspirations into financial realities. Please login or create an account to apply to this position. Principals only. EOE
*As reported by Financial Planning magazine, June 1996-2017, based on total revenue.