Network Consultant

Role: Network Consultant

Location: Iselin New Jersey - Hybrid (2/3 days from office)
Duration: FTE

Job Description:

Experience needed: Cisco house with Cisco first gen and next gen firewalls, Cisco ACI Fabric and currently heavy on AWS networking. They will be looking for experience with Cisco ASA, Cisco Firepower FTD, Cisco ACI and AWS networking. So let him prepare accordingly.

Job purpose Network Consultant

The role is primarily responsible for the engineering and re-engineering of the CLS network estate, providing subject matter expertise in network security, cloud networking and routing & switching.

Essential Job Functions

• Responsible for ensuring that the network is secure and built to best practices, in line with industry standards, such as CIS controls.
• Must have a strong focus on cloud networking and cloud network security with experience demonstrated in extending on-premises networks to the cloud.
• Strong understanding of first and next generation firewalling with experience using multiple contexts and multiple tiers within a complex environment.
• Good working knowledge of Intrusion Prevention System (IPS) policies and deployment.
• Good working knowledge of Network Admission Control (NAC) and other network security appliances, such as RSA.
• Experience in using management center tooling for firewall rule deployment.
• Thorough understanding and experience of deploying both spine and leaf switching fabrics and traditional switching methodologies.
• Knowledgeable in understanding routing methodologies and route manipulation with good understanding of BGP and OSPF along with policy-based routing and prefixes lists.
• Understanding of deploying and troubleshooting WiFi networks.
• Demonstrable knowledge of troubleshooting complex network issues including packet tracing, using CLI and Wireshark.
• Demonstration of strong technical documentation skills such as authoring Low Level Designs, producing Technical Specifications (Tech Specs) and authoring project deployment documentation, such as technical implementation plans, back out plans and test plans.
• Competent in producing network schematics using MS Visio and Draw.io.

Minimum Job-related Experience Required

• Keeping current with the latest technologies by conducting research and undertaking vendor and product reviews.
• Work with decision-makers to define business and systems requirements and recommend new technology in accordance with corporate policies.
• Provide last line support for solutions delivered by the engineering function in line with existing IT service management processes. Act as an escalation point, for the managed service, for problems pertaining to network technology and with a view to re-engineering.
• A minimum of five years working as a senior engineer across all technologies described above.
• Good understanding of working in a regulated environment and conversant with the adoption of good Governance, Risk and Compliance (GRC) practices.
• Preferable for experience gained working in a regulated financial services / banking organisation.

Specialist Skills/Knowledge

• We are mainly a Cisco house with Cisco first gen and next gen firewalls, Cisco ACI Fabric and currently heavy on AWS networking. Looking for expertise with Cisco ASA, Cisco Firepower FTD, Cisco ACI and AWS networking.
• In-depth knowledge of design, implementation, troubleshooting, configuration and testing of the following:
  • Routing OSPF, BGP, knowledge of route redistribution and manipulation.
  • WAN - MPLS, VRF, PfR, Internet and DIA, VPN, SDWAN, understanding of circuit provisioning.
  • Datacenter Spine and Leaf, using a Clos fabric, VxLAN and distribution switching.
  • Encryption - IPsec VPN, MACSec and configuring site-to-site VPN on routers and firewalls.
  • Switching and L3 - HSRP, VRRP, GBLP, NTP, STP, RSTP, QoS, CoS, SVI, VLAN's, ACL's.
  • WiFi Cloud based Wireless LAN solutions and centralised Wireless LAN controllers with distributed Lightweight APs.
  • Firewalls Familiar with multiple products from multiple vendors together with rule deployment via the management tooling and CLI.
  • Cloud Implementing connectivity to the cloud with Direct Connect, BGP, VPC, Transit Gateways, DX Gateways, NAT Gateways, Security Groups and AWS Firewall is required.

Troubleshooting provide effective troubleshooting methodologies using packet captures on firewalls, using the CLI, and Wireshark