FULL_TIME

Secure Network Engineer - SII Belgium

Brussel BE
2021-08-02
2024-03-28

For our customer we’re looking for a talented Secure Network Engineer

In the first place we’re looking for candidates with the “Anankei DNA”.
Our DNA embodies a positive and joyful attitude.
Dream IT , Trust IT, Go for IT !

The role of security network engineer is multifoil on behalf of our client's senior system engineer who coordinates all activities on their behalf environment regarding:
- Network architecture design: to master the secure network architecture, and phase its evolution,
- Day-to-day configuration: configure the different security networking devices (installation, upgrades, patches, encoding of firewall rules, proxy policies, ...),
- Troubleshooting and problem resolution: dysfunctions of the security networking devices, incorrectly behaving applicative flows,
- Communication: represent the network team in internal and external technical project meetings, work within a multi-disciplinary technical team, ability to participate in international video/audio conference meetings, good reporting skills towards responsibles, internal & external customers or suppliers, non-IT departments,
- Technical writer: manuals, description of procedures, project documentation, etc.


Required profile is definitely not a system administrator or junior consultant profile.
The missions of the network security engineer at our client will consist of:
- Organizing the segmentation of its large internal network,
- Architect secure application services made available from the Internet,

Vereisten

Minimum required study degree:
- Bachelor’s degree, equivalent or higher.

Minimum required experience:
- At least 5 years proven network engineer-level working experience in large IT network environments.

The consultant must not necessarily cover all following different aspects (the more the better...) but must state clearly what his/her/their major high-skill areas are:
Security and network architectures:
- Hacker-resistant Internet architectures,
- Network consolidation/virtualisation techniques versus segmentation techniques,
- Capability to translate high-level functional security policy into real architecture components & procedures.

Personal Communication skills:
- Spoken + written knowledge of technical English is mandatory,
- Spoken + written knowledge of French or Dutch is mandatory.

Personal behaviour skills;
- Ability to work autonomously on projects,
- Ability to work as a member of a multi-disciplinary technical team,
- Documentation ability,
- Ability to organize and follow-up meetings and presentations.

Network project experience :
Experience in projects within large financial organizations related to network segmentation and set up of secure Internet services is critical (specification analysis, market analysis, product selection, proof of concept, operational deployment, documentation and 28. presentation, etc.).

Products skills :

Minimum required technical network and security product skills consists of a proven recent vendor engineer-level certification (provide certification sheets with precise product description, version, and certification date).
Additionally, the years of engineer-level experience with the products will be taken into consideration.
In decreasing order of importance:

Palo Alto PanOS :
- Data centre firewall appliance clusters with IDS and sandboxing facilities,
- Dynamic routing protocols,
- Expected PCNSE certification.

Cisco :
- Experience with datacenter (Nexus-equipment) and campus network (Catalyst equipment)
- Knowledge of WIFI, Cisco ISE, IPSec

Scripting languages (Python, Perl)
Communication protocols knowledge
The network engineer will also have thorough knowledge of networking protocols because he or she will provide third-level support in case of networking problems. As such he or she will have an excellent knowledge of network protocol analysis and Internet based application protocols like IPv4/IPv6, HTTP(S), FTP(S) , SMTP, secure transfer protocols like SSH, SSL/TLS, dynamic routing protocols (BGP), internal management/authentication protocols like SNMP, LDAP, high-availability protocols like HSRP, VRRP, and PKI-based authentication protocols.
Major Operating Systems & networking components knowledge:
By order of descreasing importance:

- Windows workstations/servers/domains,
- VmWare/ESX servers Vsphere,
- LINUX (Red Hat / FreeBsd / Ubuntu / ...).