Job Classification: Technical Specialist 4
Agency: Ohio Department of Administrative Services
Primary Work Location: State of Ohio Computer Center 1320 Arthur E. Adams Drive Columbus, Ohio 43221
Interview Process: We will be using the Interview Video Stream as a first round of interviews. Second Round onsite interviews.
Will Close to Submissions on: 3/16 at 10:00 am
Office of Information Technology, Infrastructure Services Division:
The Ohio Department of Administrative Services, Office of Information Technology Unified Network Services provide Network Security Services (Firewall, Secure Authentication, F5, DDoS) to Agencies, Boards and Commissions via the Customer Service Center located at the State of Ohio Computer Center. The main function of our Network Security Group is to provide a secure, reliable and efficient connectivity to applications and / or State of Ohio resources. Maintaining a high availability, secure network environment that houses critical applications is an enormous challenge. The loss of customer communication and/or connectivity due to malicious activity to any of these environments could cost the taxpayers of Ohio a vast amount of revenue.
Role:
In addition to the normal duties of a Network Security Engineer, the Senior Network Security Engineer performs advanced-level network design, planning, implementation, analysis and troubleshooting.
Requirement Description:
1. Advanced Network Security troubleshooting, problem identification and resolution
2. Daily administration of firewalls, FortiSIEM, IDS, load balancers, DDoS appliance, Duo Security
3. Enforcement of Statewide Security Policies, Procedures and Guidelines (Network Security Best practices)
4. Proactive monitoring of network security threats or malicious activity (virus, worms, bots, spam, etc.)
5. Daily monitoring of logs for all network security devices
6. Creation and implementation of network security change requests using OIT’s Change Management Process
7. Plan, coordinate, administer, maintain and troubleshoot network security and VPN solutions for OIT customers and data center environment
8. Provide onsite customer Network Security support as needed
9. Provide on call after hour support (5pm-7am and weekends) as requested
10. Conduct analyses of existing network security hardware and make recommendations to enhance the security posture of OIT
11. Coach, mentor and train Network Security Engineers on specific procedures and issues
12. Research latest technology advances in network security and advise management and staff of developments and trends
13. Creation and maintenance of functional drawings and documentation
14. Project coordination with Network Planning and Engineering Group
Skills and Abilities:
1. Must have strong communication and collaboration skills and experience.
2. Must have excellent oral and written skills and possess strong meeting and work session facilitation skills.
3. Must have the ability to work independently and as part of a team, the ability to manage time and resources to meet assigned deadlines.
4. Must have excellent organizational skills, proven analytical, planning, problem solving, and decision-making skills.
5. Must be knowledgeable in the English language/speak clearly and understandably use the English language.
Mandatory Qualifications:
1. Five years’ experience maintaining and operating network security and load balancing systems that includes design, configuration, implementation and troubleshooting
2. Experience with Cisco Systems, Palo Alto Network Firewalls and BIG-IP load balancers
3. Experience with Cisco switches and routers
4. Knowledge of data center virtualization fundamentals such as VRFs, virtual port channels
5. Experience troubleshooting network flows using tcpdump and wireshark
6. Familiar with IP Routing Principles, Addressing and Subnetting
7. Experience with PAN Panorama, Cisco CMI, ASDM, FMC
Preferred Qualifications:
1. Certifications (CISSP, CCSP or CCNP)
2. Experience with the design and maintenance of firewalls (Cisco ASA, Firepower, FWSM, Palo Alto Networks, VMWare NSX)
3. Experience with the design and maintenance of load balancers (Cisco, F5, VMWare NSX)
4. Familiar with Duo Security two factor authentication
5. Familiar with Microsoft Active Directory Service and Forefront Identity Manager
6. Experience with VoIP Quality of Service (QoS) mechanisms such as: marking, queuing, congestion avoidance, link efficiency, etc.
7. Familiar with state government
