Come join the 'CyberCraft-Workforce Identity & Security' team as a 'Senior Security Engineer (Network Security)'. The team specializes in planning, designing, optimizing, implementing, auditing, and troubleshooting the network security systems to improve the efficiency of Intuit. The Workforce Identity & Security team protects the network from threats and bugs that could attack the system and also from the existing dangers while ensuring that the networking systems can withstand adversaries.
Responsibilities
- Drive architecture, design and implementation of highly available, scalable and secure NAC (Network Access Control) solutions with device access control measures, providing guidance to integration of NAC with other security technologies.
- Monitor & respond to network access incidents while performing operational activities of NAC systems including health check, backup, patching, configuration, BCP validations.
- Lead the design, implementation and maintainability of secure remote connection solution i.e Virtual Private Network for optimal security, evaluating and enhancing the VPN security protocol & practices.
- Investigate, monitor, administer & support the VPN infrastructure.
- Hands-on experience on Zero Trust - Private Network Access specifically on Zscaler ZPA and ZIA solutions ensuring optimal performance and security.
- Implement and maintain network policies, firewall rules, NATs, VPNs, and routing protocols.
- Perform network analysis and optimization, using tools such as Wireshark, Ping, Traceroute, and Zscaler Analytics.
- Manage additional layers of protection against malware, phishing, ransomware, and other cyber attacks that exploit vulnerabilities in the DNS system.
- Collaborate with other network engineers and IT teams to resolve network issues and implement network projects.
- Lead the gathering of functional requirements, solutioning, developing technical specifications, and project & test planning.
- Act in a security technical leadership capacity, as a subject matter expert and as a role model: Mentoring fellow engineers, demonstrating technical expertise, and solving complex or unchartered technical problems.
- Generate technical documentation to communicate architectural and design options, and educate leadership, development teams, and business users.
- Work cross-functionally with various Intuit teams including product management, program management, and/or business units to drive forward results.
- Demonstrate a passion for developing well architected, elegant applications & services on AWS services.
- Demonstrate continuous learning, experimenting and applying technology and software paradigms to solve business problems.
- Apply experience and innovation to generate creative ideas for emerging business needs. Provide/inspire innovations that fuel the growth of Intuit as a whole.
- Provide perspective on leading industry trends, recommendations on new and emerging technologies, technology prototypes, patent proposals and engineering process improvements.
Minimum Requirements
- BS/MS in Computer Science or equivalent with at least 7+ years of network security engineering experience.
- Minimum 5 years of domain experience (Network Security).
- Strong knowledge and enterprise experience with Zscaler ZPA and ZIA solutions, including deployment, configuration, troubleshooting, and reporting.
- Strong knowledge and experience with network technologies and protocols, such as TCP/IP, DNS, DHCP, BGP, OSPF, MPLS, VLAN, VPN, NAT, QoS, and 802.1x.
- Experience with network devices, technologies and vendors, such as Cisco, Palo Alto, etc.
- Proficiency in network segmentation, network routing with solid understanding of security protocols and products such as TACACS, RADIUS, Panorama, Palo Alto (Firewall), Global Protect (VPN), OpenDNS (Secure DNS).
- Experience with security automation and programming skills in Python, Ansible, Terraform or similar scripting languages in a cloud environment.
- Previous experience with HPE/Aruba switches will be an advantage.
- Knowledgeable in evaluating vendor products and making recommendations to hardware and software products.
- Knowledgeable in network security procedures, best practices and implementation.
- Desirable but not limited to Industry standard certifications of CCNP, CCNA, Network+, MCSA.
- Strong experience on AWS Services and Cloud Native technologies.
- Familiar with the security challenges inherent with highly scalable and available web applications.
- Able to operate at highly varying levels of abstraction from business strategy to product strategy to high level technical design to detailed technical design to implementation.
- Demonstrated experience in working with geographically distributed teams, across time zones.
- Team player possessing strong analytical, problem solving and communication skills.
- Ability to work effectively in a fast paced, complex technical environment.
- High adaptability and flexibility.
- Experience driving for results across cross-functional teams while maintaining effective working relationships.
- Leading meetings, presenting, being a technical go-to person, and cross-functional leader.
- Excellent communication skills. Communicates clearly, succinctly and persuasively to all levels of employees, customers and management (including executives).
- 'Self-starter' attitude and the ability to make decisions independently.
#J-18808-Ljbffr