Network Security Design Engineer
Oil & Gas
Technical Qualifications - MANDATORY:
Network security, we are looking for “design experience with next generation firewalls and proxies and more specifically Palo Alto Networks L7 firewalls and Zscaler”.
- Minimum Education or Certification: Bachelor’s degree in electrical engineering, Computer Science, Telecommunications or equivalent work experience
- Cisco certifications – CCNP Route / Switch
- Palo Alto Certifications – PCNSA
- Zscaler Certifications – ZCCP IA/PA TAC
- Security Certification - CCISP
- Typical Years of Experience: 12-20 - leading and executing Telecoms project delivery, Telecoms operations, or IT consultancy assignments to design, develop and deliver viable network and telecom solutions, preferably in Oil and Gas or similar industry with offshore experience preferred.
- A high degree of technical network knowledge in the IP network technology with a specialization in network security.
- Highly proficient in, deployment and configuration of networking technologies specific to routing, switching and general network security best practices in a global enterprise environment.
- Experience and proficiency in a hands-on capacity with Data Center and Remote Office Enterprise/campus designs, architecture, deployment and configuration with physical and virtual appliances. Familiarity with applications driving modern infrastructure design in private and public cloud.
- Extensive Network and Network Security Deployment and Implementation utilizing Routers, Switches, NG Firewalls, VPNs, IDS/IPS Realtime Traffic Inspection/Analysis tools and Application/Service Analysis tools.
- Cloud Networking and Computing, Azure, AWS, Cloud frameworks, distributed applications and X-as-a-Service (X can be infrastructure, Platform, Software)
- Mastering OSI Model, TCP/IP protocol suite (IP, ARP, ICMP, TCP, UDP, SMTP, FTP, TFTP)
- Mastering IP v4 addressing and subnetting and routing concepts and skilled in IPv6
- Route/Switch Protocols and Services:
- L2 - STP, HSRP, VLAN, VPLS, Trunking, STP 802.1Q, VLANs, VTP, VPLS, L2 tunnels over MPLS
- L3 - OSPF, ISIS, BGP, EIGRP and IP MPLS, CEF, Route Redistribution, Summarization, Policy-Routing, Traffic Engineering, Inter AS VPN’s, MPLS VPN, MBGP, vPC, VSS, OTV, DMVPN, NHRP
- Route/Switch Products – Cisco, Nexus, ACI, HP Procurve, Brocade, Juniper, Cisco Catalyst, Cisco ASR, Cisco ISR, Arista, Cisco ACI, SDN (SD-LAN, SD-WAN, SD-WIRELESS), SDAm, Cisco Meraki, Viptela, Velocloud. (Emphasas on Viptella)
- Security Protocols and Services:
- Firewalls, VPNs (L2, L3, MPLS), Authentication (TACACS, AAA, PKI), 802.1x, NAC (Cisco ISE). Also, should have excellent implementation and troubleshooting skills for, L2/L3 VPN, IPSEC and SSL VPN, Cloud Proxy,
- Radius, RSA, PKI, 2 factor Authentication, Encryption, Remote access VPN, Clientless VPN and IPSec protocols, Web Proxies, DNS and DHCP design and IPAM tracking, IDS/IPS, Firewall Rules Management, Security Flow, NGFW, ClearPass, End Point Visibility, Authentication, End Point Blocking Policy Enforcement, PKI environments, Endpoint 802.1X, EAP supplicant methods and certificate integration. Firepower, Threat Protection,
- Security Vendors : Checkpoint, Juniper, Palo Alto and Cisco ASA, , Fortinet, Bluecoat, Macfee, Cisco ISE, F5, NetScaler, Zscaler, Symantec Proxy, Bluecoat, F5 LTM, A10
- Wireless – Aruba, Cisco
- Monitoring and Management Tools: Solarwinds, LiveAction, Riverbed, HP Openview, Cisco ISE, SNMP, Netflow, IPSLA, Netbrain, Lumeta, Algosec etc.
Mandatory General Skills:
- Telecoms Industry knowledge with extensive experience in Networks and Telecommunications, Testing and Commissioning
- Knowledge of environmental and electrical safety in hazardous (IEC EX) that impact design of telecoms systems used in process plants; Upstream / Downstream IT infrastructure and telecom solutions e.g. Process Control/SCADA, Safety Critical Elements
- Knowledge of project delivery methodology for managing both IT and Capital Projects in Oil and Gas
- Consistently delivered results in a matrix, global virtualized organization
- Experience in negotiation skills
- Excellent communication skills, verbal and written
- Proven experience in stakeholder and relationship management including external vendors
- Ability to translate technical requirements and specifications into easily understood business concepts and vice versa
- Technical network knowledge of telecom solutions such as Satellite, Optical/Radio links, Wireless Canopy, Mobile Radio (DMR/Tetra), Microwave, Fiber Optics, Marine and Aeronautical Radio, Sub-marine Fiber and Access Security/CCTV a plus.
- Cisco certifications – CCIE Route / Switch
- Palo Alto Certifications – PCNSE
- Zscaler Certifications – ZCCP IA/PA
- Python programming and app development skills for programmable networks
- Experience working in an (partially) outsourced environment
- Agile and waterfall project management knowledge and experience
- Service Management processes (Support Models, Service Level Management, Contract Management and Supplier Management)
- Experience in network operations
For our international client in Rijswijk we are looking for two Network Security Design Engineers.
- Collect all requirements needed to produce the design by working with the project manager and relevant stakeholders
- Apply the standards defined to create a design with all relevant details
- Document the solution working with the architects
- Develop a deployment strategy together with the project manager and create an implementation plan which leads to a successful deployment of the produced design
- Share knowledge and drive continuous improvement across the community
For the services in scope:
- Collect and document requirements by specifying the needed functionality, all the non-functional requirements and all dependencies (e.g. cabling, construction or electrical work needed)
- Create a standards-based design produced and signed off by the design assurance team.
- Work with architecture & portfolio to update standards in specific cases
- Work with other designers to produce specific elements of the design requiring special knowledge
- Develop an implementation plan and testing strategy which is aligned with business readiness and IT delivery timelines
- Handover the design and implementation plan to the project manager and operations center for deployment and operations
- Share knowledge obtained and learn from others as part of a natural team across architecture, portfolio, design, network engineers, operations, and service management, amongst others.
- Provide hands on implementation and operational support as required.
Please send us your recent CV + a cover letter for this role (both in English and in Word) together with your availability/planned vacations and all-in hourly rate VAT (BTW) excluded.