Description

Summary:

The Network Engineer 3 is a member of the Infrastructure Security Services Team supporting Huntington’s Enterprise Network Organization. This team is responsible for all research, project design, and initial implementation of security technologies as well as ongoing configuration and environment standards. This team also provides subject matter expertise support during incidents. This role specifically will focus on network security technologies related to network access control (NAC) and firewall infrastructure deployed in alignment to zero-trust principles and industry standard like PCI, SOX and CIS.

Responsibilities:

• This role will primarily be focused on firewall security policy design and implementation utilizing Palo Alto Firewalls and Panorama.

• Expertise in Network Access Control (NAC) and Segmentation solutions such as Cisco ISE, Elisity, Forescout or Fortinet.

• Build and enhance network security solutions with a “secure and automate first mindset”.

• Leverage Infrastructure as Code (IaC) concepts to manage configuration baselines via Jinja2/YAML and GIT.

• Participate in an on-call rotation.

Basic Qualifications:

• Bachelors Degree

• 7+ years of hands-on large scale Enterprise network deployment and configuration.

• 7+ years of hands-on Palo Alto Panorama (configuration and maintenance)

• 7+ years of hand-on experience in Network Access Control (802.1x and TrustSec/SGT).

• Background and knowledge of IPSec/SSL remote access technologies including management of policy, client authentication, and infrastructure support

Preferred Qualifications:

• Current Palo Alto PCNSE Certification

• Financial Services background a plus.

• Ability to execute on IT project initiatives with minimal oversight.

• Ability to work both as a team and independently to accomplish goals.

• Security subject matter expert with strong ability to partner with Information Security organizations and Business Units.

• Strong communication skills (both verbal and written) with ability to create runbook documentation and operational/implementation turn-over support of new technologies.

• Expertise in Network Access Control policy and solutions, preferably with Cisco Identity Services Engineer (ISE).

• Experience with Cisco ASA or Firepower firewalls support Cisco remote access solutions.

• Evaluate, design, implement, operate, and maintain Palo Alto Panorama and Firewalls.

• Knowledge and experience using or deploying Secure Access Service Edge (SASE) technology such as iBoss, zScaler, or Palo Alto.

• Expertise in Palo Alto URL Filtering, AppID and decryption.

• Expertise in Palo Alto Panorama Templates.

• Strong design skills of data center and DMZ design.

• Experience with security policy enforcement and firewall deployments in public/private cloud environments.

• Perform risk assessments on IT products and services and make appropriate recommendations.

• Experience in scripting/automation methodologies (Python, Ansible, Bash)

• Experience with Service Now Change Control

• Risk and vulnerability analysis

• Network IoT/OT segmentation practices and solutions.

• NIST Zero Trust Architecture, SOX, PCI, SOC2

  Exempt Status: (Yes = not eligible for overtime pay) (No = eligible for overtime pay)

Yes

Workplace Type:

Hybrid

Huntington is an equal opportunity and affirmative action employer and is committed to providing equal employment opportunities for all regardless of race, color, religion, sex, national origin, age, disability, sexual orientation, veteran status, gender identity and expression, genetic information, or any other basis protected by local, state, or federal law.

Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details.

Agency Statement: Huntington does not accept solicitation from Third Party Recruiters for any position