Network Security Engineer

University Hospitals

Posted Under: , jobs in Engineering; Engineering jobs
Posted On: 2017-04-22 00:00:00

Job Description:

University Hospitals (UH) is a community-based healthcare system which serves patients at more than 150 locations throughout Northern Ohio , including seven wholly owned and four affiliated hospitals. Committed to advanced care and advanced caring, UH encompasses the regions largest network of primary care physicians, outpatient centers and hospitals. The network also offers specialty care physicians to treat almost every disease and condition, skilled nursing, elder health, rehabilitation and home care services, and occupational health and wellness. University Hospitals is the second largest private sector employer in Northeast Ohio and is within the top five largest private sector employers in the state of Ohio . Primarily responsible for interactions with business users, vendors, project managers, design architects and technology managers to assess, remediate, and deploy information security, DMZ security, and networking technology throughout the UH enterprise network. Collaborates with the Identity and Access Manager, UH Network Manager/Network Design Architect, and server team leadership to assess the current infrastructure and formulate a plan to manage all information security DMZ and network technologies. Reviews the firewall designs and configurations, Network Design document, validates its implementation, and produces an as-built enterprise network diagram. Responsible for assisting with the design and implementation of new server and networking services. Interacts with business users and vendors to identify and define requirements and expectations of new and existing network systems. Essential Duties: * In conjunction with Information Security Operations team, Network and Storage Architects and group Managers: develops, tests, presents, deploys, and manages Information Security technologies for the DMZ and wireless and wired networks. * Completes work request activity submitted via Service Request System. * In conjunction with Information Security team, identifies, diagnoses, and resolves Information Security technology issues. * Validates the implementation of Secure Network Design documents by reviewing configuration, installation, and replacement of network and security infrastructure components. * Remotely administers and maintains the security of complex TCP/IP networks using firewalls, routers, intrusion detection / prevention, proxy devices, and switches. * Creates and maintains comprehensive documentation related to the server and network security infrastructure. * Schedules upgrades and collaborates with security, server, and network architects on security and network optimization. * Recommends, reviews, tests, schedules and implements upgrades (i.e. IOS upgrades, patches). * Configures support of information security networking devices. * Provides support using network management tools including Cisco Works, Cisco NAM , What's Up, Fluke's OptiView, Solar Winds, SNMP, etc. * Provides support using security management tools including McAfee Intrushield, Cisco IronPort, Websense, McAfee ePO, RSA DLP, dual-factor authentication, etc. * Proactively recommends and may perform performance tuning and optimization activities which maximize efficient use of existing technology resources. * Defines security KPIs and maintains utilization reports and documentation. * Creates and maintains comprehensive documentation related to the server/network security infrastructure and procedures. * Performs on-call service rotation; provides 24 x 7 production support on a rotating basis. * Performs occasional night/weekend work as required due to environmental constraints. Position Requirements: Experience & Knowledge: * 5+ years of experience with Enterprise Network, DMZ, and Security infrastructure, including design, implementation, and ongoing management and troubleshooting required. * Hands on experience working with firewalls, proxies, email security gateways, intrusion detection / prevention, device encryption, and data leak prevention tools required. * Experience with Cisco ASA or Palo Alto Networks administration preferred. * Excellent technical and interpersonal skills required. * Excellent verbal and written communication skills required. * Must be familiar with DNS, HTTP, 802.1x, EAP, TKIP, AES, Radius, IPsec, TLS/SSL, routing protocols (BGP, OSPF, HSRP, VRRP) and VLANs, and layer 2 / Layer 3 roaming * Ability to effectively document processes required. * Must be self-starter who is inspired by technology, highly organized, and ability to work with minimal supervision. * Excellent skills with Microsoft Office Suite including Visio and Project required. * Practical experience in the use of network monitoring tools such as Cisco Works LMS, Netflow, HP Open View and Network Sniffer is required. * Practical experience in the use of security tools such as McAfee Intrushield, Cisco IronPort, Websense, McAfee ePO, and RSA DLP is required. * Advanced experience with security devices such as ASA, VPN Concent