Network Security/Firewall Engineer

Job Summary
The Network Security Firewall Engineer will design, implement and maintain support of the network and security infrastructure. In this role, you will configure, deploy, monitor and maintain network security equipment including, but not limited NGFW firewalls. To ensure compliance with information security standards, the position will require working knowledge of supporting/related technologies, industry standards and best practices.
Manage firewall and network security systems by establishing and enforcing approved policies
Analyze network security requirements and implement perimeter security changes.
Utilizing industry best practices for security, disaster recovery, business continuity, change control, the engineer will design, configure, manage and troubleshoot a variety of network firewall technologies.
Serve as a subject matter expert in coordinating and troubleshooting with customers, other infrastructure support activities and business units.
Develop network documentation of security infrastructure
Monitor network performance and implement performance tuning as necessary.
Bachelor's degree or equivalent experience.
1-3 years of Networking experience.
Experience in network security including: Device Hardening and patching, IDS/IPS, SIEM, Firewalls, and IPSec, vulnerability assessment and intrusion detection
Experience with Next Generation and web application firewalls
Knowledge of Cisco ASA and Barracuda Firewalls
Understanding of controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security).
Must be well versed in operating systems such as Linux as well as Windows environments, Active Directory, VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks
Experience in administrating and troubleshooting firewalls within medium to large, complex organizations.
Public and private cloud software defined networking ? Amazon Direct Connect, AWS VPC, Azure ExpressRoute, VMware NSX, Cisco ACI
Deploy Site to site and Corporate VPN solutions with multi-factor authentication
Experience with packet capture and analysis methodologies.
Preferred applicants will also be familiar with government information assurance standards including FFIEC, COBIT, NIST 800-53, auditing and accreditation processes.
Firewall certifications: CCSA, CCSE, CCMSE, CCSM, PCNSE highly desirable
Experience configuring and troubleshooting routing and switched infrastructure (e.g. CCNA, CCNP Security) and security certifications highly desirable
Wintrust Financial Corporation (Wintrust) is a financial services company based in Rosemont, Illinois, with approximately $27 billion in assets. We engage in the business of providing traditional community banking services, commercial banking, wealth management services, commercial insurance premium financing, life insurance premium financing, mortgage origination, short-term accounts receivable financing, and certain administrative services, such as data processing of payrolls, billing and treasury management services. We provide community-oriented, personal and commercial banking services to customers located in the greater Chicago, Illinois and southern Wisconsin areas through our 15 wholly-owned banking subsidiaries.
We provide an engaging, dynamic work environment, an excellent compensation package including 401k, employee stock purchase plan, medical/dental, life insurance and more!
Wintrust Financial Corporation (including community banking and financial services subsidiaries) is an Equal Opportunity/Affirmative Action/Veterans/Disability employer.

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.