Sr. Network Security Architect

AES Corporation
Arlington, VA, United States
Full-time
We are sorry. The job offer you are looking for is no longer available.

At AES, we raise the quality of life around the world by changing the way energy works. Everyone makes an impact every day in our small, global teams.

Apply here to start an extraordinary career today.

We are seeking a skilled and seasoned Senior Security Network Engineer to join our network team. The successful candidate will play a critical role in architecting, designing, deploying , monitoring, maintaining , and refreshing secure global IT / OT network infrastructures to protect digital assets from leakage, unauthorized access, and cyber-attacks .

The Senior Security Network Engineer will collaborate with cross-functional and multi-cultural global teams to prevent, detect, and respond to threats to the organization's critical information assets. .

Responsibilities

Analyze existing network security controls and strengthen the controls that could make vulnerability exploitation more likely - such as Data Loss Protection, technical debt, etc.

Design and implement a global NAC solution (e.g. Cisco ISE) to control and authenticate network access including port-based network access control 802.1X.

Research and propose new VPN, ZTNA, and VPN-less access solutions to provide secure remote access for authorized users and site-to-site remote access.

Design, architect, and deploy Zscaler cloud-based solution infrastructure across SDWAN-based sites.

Manage implementation plans and operations supervision of Zscaler solutions (ZIA, ZPA, ZDX, etc.).

Proactively monitor reporting and consumption information along with policy configurations of Zscaler technologies and make ongoing recommendations to improve the overall experience.

Review and architecture restricted access to contractors and third-party employees to ensure security and reliability in a self-service environment.

Develop and automate tools and techniques to scale and accelerate network offensive emulation, anomaly detection, and vulnerability discovery using AI technology.

Collaborate with teams to influence implementation, measurement, and mitigation of these vulnerabilities.

Develop, improve, and communicate a compelling strategy and roadmap for network vulnerability and data leak prevention management.

Design, implement, maintain , monitor, and support company-wide network security best practices. Draft and share network services configuration hardening standards.

Build relationships with cyber security teams, network operations , digital assets support, and business areas in support of the global data protection initiative .

Measure , report, and automate the network security team's performance against objectives , policy compliance targets, and network security goals (e.

g., SLAs, KPIs, KRIs, OKRs)

Install security measures and operate software to protect systems and information infrastructure, including assisting with firewalls security rules, and data security implementation.

R egularly review and request updates of firewall rules and configurations to address emerging security risks.

Collaborate with analy sis and responses to alerts generated by IDPS tools.

Conduct regular security audits of network infrastructure and devices.

Understand secured web t raffic flow standards and custom application-based traffic and design f irewall and p roxy services.

Expect to assist as L3 SME for critical business impact P0 / P1 network security escalations during operational and non-operational hours.

Provide data and root cause analysis of network security incidents with corrective actions for improvement . Fix detected vulnerabilities.

Closely working with compliance and internal audit departments to ensure network securit y standards are in place, enforced, and maintained , and p rovide evidence samples according to the requirement.

Research upcoming trends in information technology and security, stay updated on potential threats and attacks, and come up with preventive roadmaps .

Help develop and maintain network security content in the internal Knowledge Base.

Develop and provide network-related Cyber Security Training and improve network Cyber Security Awareness around the global network teams .

Qualifications

Demonstrable experience in defining, reviewing, analyzing, and creating cybersecurity documentation, including actionable security standards, implementation procedures, cyber risk assessments, cyber security audit s, remediation plans, and cyber control guidelines.

Solid grasp of security controls in Physical (network, platforms) and Cloud environments (i.e., IaaS, PaaS, SaaS, multi-cloud).

Familiarity with Cloud Security Alliance (CSA) guidelines.

Extensive experience in the development and delivery of security-level agreements and metrics via real-time reporting and alerting dashboards ( SharePoint , Power BI , SQL , Office 365, Microsoft Teams ).

Proficient with a broad array of security software applications and data leak protection tools with an emphasis on Zscaler and Cisco security technologies.

Detailed understanding of network-related modern systems including firewalls, encryption, network access control, wireless and wired secure access, SD-WAN, SD-Access, secure remote network access, and password protection and authentication.

Understanding of cyber security frameworks for the OT environment including Industrial control systems (ICS)-the devices, controls, and networks that handle different industrial processes- , supervisory control and data acquisition (SCADA) systems, and distributed control systems (DCS).

Solid understanding of cyber-security technologies like AV, Sandbox, IPS, IDS, NGFW, and WAF.

Very solid background with vulnerability discovery and demonstration of exploitations .

Ability to see through bad actors' eyes and find ways to break open the cyber security protocols and technologies embraced within the organization.

A data-driven, problem-solving, curious candidate with strong analytical skills and who is not afraid to challenge the status quo.

A self-starter with a goal-oriented, can-do attitude who is comfortable communicating cyber concepts , and risk management to all levels of personnel .

Ability to influence other IT professionals, including network engineers, digital support , application owners, project managers, and system managers , to integrate security network controls into existing systems and processes.

Proven ability to communicate effectively across all levels of the organization, including the delivery and explanation of complex security-related concepts in clear, concise, and understandable terms.

Preferred Qualifications

  • Bachelor's degree required in technology, information security or related fields or equivalent work experience.
  • Demonstrated ability in computer systems with some specialization in computer security highly preferred.
  • Knowledge of foundational security controls and how they protect an enterprise environment.
  • Relevant certifications (e.g., Certified Information Systems Security Professional - CISSP, Certified Information Security Manager - CISM).
  • Very strong capacity to create new exploits or craft existing exploits to identify security loopholes in the network control cyber security plane.
  • Experience with PowerShell and SQL query creation and modification.
  • Scripting - Working knowledge of computer programming language.
  • This is a remote position; however, we require that the candidate be located close to one of the AES locations.
  • Some travel required ( 15-20%)

AES is an Equal Opportunity Employer who is committed to building strength and delivering long-term sustainability through diversity and inclusion.

Respecting all backgrounds, differences and perspectives enables us to improve the lives of our people, customers, suppliers, contractors, and the communities in which we live and work.

All qualified applicants will receive consideration for employment without regard to sex, sexual orientation, gender, gender identity and / or expression, race, national origin, ethnicity, age, religion, marital status, physical or mental disability, pregnancy, childbirth, or related medical condition, military or veteran status, or any other characteristic protected under applicable law.

E-Verify Notice : AES will provide the Social Security Administration (SSA) and if necessary, the Department of Homeland Security (DHS) with information from each new employee's I-9 to confirm work authorization.

6 days ago
Related jobs
Promoted
Space Ground System Solutions (SGSS)
Alexandria, Virginia

The network engineer will be responsible for planning, designing, and developing local area networks and wide area networks across the organization. Adopt and implement architectural best practices and frameworks to include the enhanced security measures to protect the network infrastructure from cy...

Promoted
Eclaro
Arlington, Virginia

Network Security Domain Architect. Help drive change! Eclaro is looking for a Network Security Domain Architect for our client in Arlington, VA. Our Enterprise Security Architect team supports the Group Security Strategy for all of Client. Focused on one security domain (Corporate Security), while a...

Promoted
Aptino, Inc.
VA, United States

Architect and implement secure, scalable network solutions aligned with business objectives. Define and implement network segmentation strategies for enhanced security. Enforce network security policies in alignment with regulatory requirements. Strong understanding of network protocols, routing, an...

Promoted
Cybernetic Search
VA, United States

Subject Matter Expert for networking issues and manage, configure, install, troubleshoot, and provide oversight for network devices and network services associated with SCADA/ICS systems, Cyber Security networks. We are seeking a Sr Network Architect to support the non-nuclear power generation fleet...

INA Solution Inc
Arlington, Virginia

Title-Network Security Architect</b></div> <div><b>Location: Arlington, VA</b></div> <div><b>Duration: 6 months contract with possible extension</b></div> <div> </div> <div> </div> <ul> <li>Bachelor&apo...

Eclaro
Arlington, Virginia

Our Enterprise Security Architect team supports the Group Security Strategy for all of Client. Focused on one security domain (Corporate Security), while also working with stakeholders throughout the Bank, to drive the strategy for your domain. As a future-thinking team, we are looking for individua...

Shuvel Digital
Arlington, Virginia

The successful candidate applies current analytical and logical thinking to the design, architecture, development, evaluation, testing, and integration of computer systems, appliances, and networks involving the architecture and implementation of Cyber Security tools in a hybrid environment. The suc...

Promoted
Peraton
Alexandria, Virginia

Network and Unified Communications Architecture team of network and UC engineers in Alexandria, VA. We provide integration for development of hardware and software solutions, and task support for the delivery of system, network, software, and security solutions. The work is hands-on and requires eng...

Promoted
Accenture Federal Services
Arlington, Virginia

Network Security: Implement and maintain network security measures to protect data and systems from unauthorized access. Network Infrastructure Management: Design, implement, and manage network infrastructure within Oracle Cloud environments. Collaboration: Collaborate with cross-functional teams in...

Promoted
ECS
Fairfax, Virginia

ECS is currently seeking a detail oriented, diligent, and energetic Sr Elastic Cloud Engineer in support of the Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) Dashboard Ecosystem Program. Elastic Cloud Engineer candidate must be able to proactively work independent...