Intrusion Detection Prevention Engineer
1111 Stewart Ave,
Altice USA is a cutting-edge communications, media, and tech company. We connect people to what matters most to them; texting with friends, advertising that resonates, or binge watching their favorite show. Our differentiated approach centers around technologies that push the envelope and deliver the ultimate customer experience. We're building a workforce that attracts and retains the best talent, not only to meet the needs of our customers, but that also reflects the diverse communities we serve. We're not the only ones who have seen it; we've recently been recognized by Forbes as one of America's Best Employers as well as by the Human Rights Campaign, DiversityInc Magazine, and Cablefax for our diversity & inclusion program.
The Network Security Engineer position plays an important role within IPNT because it represents a level of Network personnel with a high degree of technical knowledge that is needed to support the security of the network and its systems. Network Security Engineers are critical to the team because they are a technical resource that provides a source of information and support for all responsibilities within IPNT. They cover the majority of the technical workload during everyday operations. They provide an escalation platform as well as work with leads on assignments and projects. They are responsible for following the lead of the Senior Engineer as well as being pro-active in their work and offer suggestions in completing it as well as recommending additional solutions and or observations. They are responsible for installing, upgrading and maintaining ADC (Application Delivery Controllers), network security appliances and security policies in network devices and operating systems. Network Security Engineers are fed information from systems and associates so that they can respond to, investigate, diagnose, rectify and document issues as required. They use various network and server tools to isolate and rectify issues as need be. They are the first level of interaction between the various departments and the respective SR engineering entities. They are responsible for a collective skill and responsibility set as it applies to the overall network infrastructure.
- Installation, Operation, Administration, and maintenance of all network security appliances and ADC (Application Delivery Controllers) that support Altice offerings.
- Advanced degree of knowledge of Firewall technologies (Check Point, Cisco ASA, Cisco Firepower and F5 AFM), F5 Networks ADC (LTM/GTM, AFM and WAF), Check Point and Radware IPS/IDS, DDoS detection and mitigation and Cisco Network hardware including; Routers, Switches, and all network security devices as they apply to both the collective network and the respective discipline assigned. This includes any caveats required to support those business units.
- Perform and assess results of security vulnerability scans.
- Network path analysis to determine changes needed to allow new network access requirements or troubleshoot connectivity/network performance issues.
- Packets capture interpretation and analysis to conduct forensic analysis and/or identify performance issues.
- Working with Sr. and Lead Network Security Engineers, develops design criteria for testing of new technologies coordinating with all engineering/operations/management necessary to meet Altice deadlines for product launch (regardless of type).
- Respond to, diagnose and resolve technical issues in relation to the Internet delivery systems, Voice over IP, Interactive Optimum and Commercial/B2B services.
- Monitor performance and status of the Network delivery systems.
- Provide technical assistance to internal departments and organizations.
- Work as part of a group with other engineering departments (both IPNT and other) issues relating to the Internet delivery systems.
- Develop and improve methods and tools for the troubleshooting and researching of problems.
- Create and maintain logs, records, diagrams and reports of any and all network systems.
- Performs Network Engineering standby for all issues pertaining to digital deployed services and performs high level escalation (in conjunction with Network Ops Tech) of difficult or complex problems into either vendor TAC departments, internal management or internal engineering (OSP etc) to ensure timely recovery.
- Participates in special projects and performs other duties as directed by Senior Admin Engineer as they pertain to the respective discipline.
- Knowledge of the following skills:
- TCP/IP protocol and subnet masking
- All Routing protocols and configurations (to support BGP, OSPF & EIGRP)
- Switching and configuration options (VLANS, HSRP, NSSA, DHCP, PBR, VPN’s, NAT, ect)
- Internet applications and their protocols ( TCP, UDP, Peer to peer type apps, mail, news, web surfing, SNMP, ect)
- End-to-end network connectivity troubleshooting involving complex networks with ACLs,
- Firewalls, NAT, and dynamic and static routing.
- Firewalls: Check Point, F5 AFM, Cisco ASA and cisco Firepower
- F5 Networks ADC.
- Threat mitigation systems and DoS mitigation techniques
- Cisco hardware (Routers, switches, network appliances)
- Configuration and administration of Cisco VPN solutions.
- Vulnerability scanners Rapid 7 Nexpose and Tenable Nessus.
- Cisco ACS, Cisco ISE or other Identity & Access Management solution.
- Advanced troubleshooting ability. Proven experience in packet capture and analysis.
- Knowledge of Tripwire and Tufin.
- Good technical writing skills.
- Ability to work well under pressure.
- High level of follow through.
- Ability to work as a team player.
- Knowledge of Windows based operating systems.
- Knowledge security and hardening of Unix/Linux operative systems.
- Unix shell scripting or scripting languages is a plus. ( Python, Perl… )
- Previous 5+ years of experience on multiple Network hardware platforms (Cisco, or equivalent )
- Cisco CCNP, Check Point CCSE, CISSP, or Security + certifications or equivalent knowledge will be preferred.
- Experience with network and system management software.
- Experience with handheld test tools.
- Experience with Internet applications.
- Experience with working as part of a team to collect data to use to resolve issues or outages.
- Previous skill set with troubleshooting outages while under pressure.
- Degree in Computer Science, engineering is required.
- Flexible working hours, 24 hour on call systems support. Ability to work during maintenance windows.
Altice USA is an Equal Opportunity Employer committed to recruiting, hiring and promoting qualified people of all backgrounds regardless of gender, race, color, creed, national origin, religion, age, marital status, pregnancy, physical or mental disability, sexual orientation, gender identity, military or veteran status, or any other basis protected by federal, state, or local law.
Altice USA, Inc. collects personal information about its applicants for employment that may include personal identifiers, professional or employment related information, photos, education information and/or protected classifications under federal and state law. This information is collected for employment purposes, including identification, work authorization, FCRA-compliant background screening, human resource administration and compliance with federal, state and local law.