Role Overview:
The L2 Perimeter Security Engineer is responsible for monitoring and managing network security devices such as firewalls, IDS/IPS, and VPNs to safeguard the organization’s network perimeter against threats. This role involves responding to security incidents, conducting vulnerability assessments, implementing security policies, and performing in-depth investigations of anomalies. Strong knowledge of network protocols and hands-on experience with security technologies is essential.
Core Responsibilities:
- Incident Response: Detect, analyze, and respond to security incidents promptly.
- Threat Monitoring: Continuously monitor network traffic and security alerts for potential threats.
- Security Device Management: Configure and maintain IPS/NIPS, WAF, VPNs, and other perimeter security devices.
- Vulnerability Management: Perform regular vulnerability assessments and remediation.
- Policy Implementation: Enforce and update security policies across network devices.
- Troubleshooting: Resolve issues related to security device performance, failover, and high availability.
- Tuning & Optimization: Fine-tune IDS, proxy, and firewall policies based on threat intelligence.
- Documentation & Reporting: Maintain detailed documentation, including architecture diagrams, configurations, and knowledge base articles.
Key Technical Skills:
- Networking: Strong understanding of TCP/IP, routing protocols (OSPF, BGP), DNS, DHCP, VLANs, and VPNs.
- Security Tools: Hands-on experience with firewalls (Cisco ASA/FTD, Palo Alto, Checkpoint), IDS/IPS, WAF, SIEM, and anti-malware solutions.
- Packet Analysis: Proficiency with tools like Wireshark or tcpdump.
- Security Protocols: Knowledge of SSL/TLS, certificates, and encryption methods.
- Scripting: Basic scripting skills (Python, Bash) for automation and log parsing.
Qualifications & Experience:
- Education: Bachelor’s degree in computer science, Information Technology, Cybersecurity, or related field.
- Experience: 3–5 years of hands-on experience in network security operations.
- Certifications: Mandatory: CCNA Security
- Preferred: CCSA, CEH, CompTIA Security+, PCNSE, Fortinet, Zscaler certifications.
Additional Skills:
- Expertise in firewall management (Cisco, Palo Alto, FortiGate).
- Deep understanding of networking protocols and technologies like VPNs and network segmentation.
- Proficiency with IDS/IPS, SIEM platforms, and vulnerability scanners.
- Strong analytical, problem-solving, and communication skills.
Apply Now or tag someone who fits this role!
tristanto.nicholas@hcltech.com
Generating Apply Link...
.png)
