Job ID: NC-596150 (98990612)
Cisco Firewall Engineer (CCNA/CCNP/CCIE) with ASA, VPN, Enterprise SourceFire/FireSight, QRadar and Firemon experience
Location: Raleigh NC (DOT)
Duration: 12 months
Skill Required / Desired Amount of Experience
Enterprise Cisco Firewall (ASA) configuration and troubleshooting experience Required 7 Years
Enterprise VPN configuration and troubleshooting experience Highly desired 7 Years
Enterprise hands-on experience with Cisco LAN switching and routing products experience Desired 5 Years
CCNA, CCNP, CCIE Highly desired
Enterprise SourceFire / FireSight IPS management experience Highly desired 6 Months
Experience with Qradar and Firemon Nice to have 1 Years
The purpose of the position is to design, configure, test, implement, monitor, and maintain the NCDOT computer network security infrastructure, primarily NCDOT Cisco ASA firewalls. The candidates primary task will be to install and make configurations to firewalls to comply with PCI-DSS, State, NCDOT security standards, state auditing and industry best practices. Candidate must be proficient in advanced Cisco ASA configuration, deployment and operational support and be familiar with the latest Cisco ASA hardware, operating system versions and functionality. Candidate must have experience and ability supporting a large quantity (250+) of Cisco ASA firewalls in the field. Candidate will assist the Network Services Team providing advanced technical production configuration and support primarily for firewall services. The candidate will interact with employees at all levels in all DMV and other DOT offices across the state as needed to implement network security solutions and provide an advanced point of escalation for network security issues.
Knowledge, Skills, and Abilities Requirements:
• Advanced experience with enterprise and data center security policy design and deployment using Cisco ASA firewalls, specifically Cisco ASA appliances and HA (high availability active/standby) environments. 2+ years advanced level hands-on experience.
• Proficient operational configuration and support of site-to-site VPN solutions using Cisco ASA firewalls.
• Proficient operational support of Cisco ASA firewall operating system upgrades, specifically to ASA IOS version 8.4 and beyond.
• Moderate familiarity with current network technologies and equipment, particularly data center LAN and WAN environments.
• Experience with structured change management processes.
• Ability to manage tasks and meet schedules.
• Experience supporting security compliance with PCI-DSS
• Experience with sourcefire and FTD
• Must have excellent customer service and teamwork skills.
• Willingness to work overtime and weekends as needed.
• Willingness to accommodate occasional regional travel.
• A minimum of 5 years direct hands-on experience with Cisco ASA firewall products.
• Prefer experience with Firemon.
• Prefer experience with QRadar.
• Currently active CCNA, CCNP, CCSP, or CISSP certifications, expiration within past 2 years.
• Currently active CCIE (Cisco Certified Internetworking Expert) Security certification, or expiration within past 5 years.