Senior Network Security Engineer 2
This is an exciting time for Shutterfly. In this position you will be an integral part of a developing implementing and maintaining network security best practices for Shutterfly.
Your focus will be on building and designing a secure sustainable and efficient network architecture. You will work with our Information Security and Networking teams to coordinate network security changes and network security optimizations. As the Senior Network Security Engineer, you will be a key participant in network design and configuration, and much more.
This position can be based in either our Redwood City, CA, Santa Clara, CA or Tempe, AZ locations.
Your primary duties and responsibilities will include:
- Evaluate new and emerging security products and technologies
- Develop standards and baselines that align with network security best practices across various technologies
- Review and analyze network change requests and provide relevant feedback and network security approval
- Implement changes to network infrastructure to reduce network risk and burn down any identified gaps
- Proactively identify gaps, risks and issues and navigates organizational structure to resolve them.
- Analyze existing network device rules and configuration, suggest improvements and implement accordingly
- Participate in operational support including network security investigations
- Work with internal teams to evaluate and recommend improvements to confidentiality, integrity and availability at the network layer
- Advise teams on ideal network security practices including zoning, secure architecture, configuration management, ACL design and review, etc
- 5+ years working in a network engineering role or similar capacity in a high-volume ecommerce or enterprise environment
- 5+ years experience in ACL / Zoning / TACACS / ISE / Radius / firewall management across multiple platforms in a high-volume ecommerce or enterprise environment
- 5+ years experience with LAN/WAN, switching, routing, VPN, and other standard network technologies in a high-volume ecommerce or enterprise environment
- 3-5 years of secure network design responsibility including practical experience with network security compliance requirements (PCI, SOX, HIPPA, etc.) in a high-volume ecommerce or enterprise environment
- Must be well organized, thrive in a sense-of-urgency environment, leverage best practices, and most importantly, innovate through any problem with a can-do attitude
- Ability to execute large-scale multi-phased network and security projects
- Proven communication skills, the ability present information clearly and concisely to all levels of management both formally and informally
- Hands-on experience with multiple vendor technologies including Cisco, Juniper, Palo Alto, Vmware, AWS, etc
- Proficient in documenting and building detailed network security diagrams and related documentation
- 3-5 years experience with various network security technologies including IDS / IPS, WAF, SIEM tools in a high-volume ecommerce or enterprise environment
- Experience in wireless technologies and associated concepts
- Familiarity with different styles of source control, automation technologies (such as terraform and cloudformation) and CI/CD pipelines
- Experience in deploying and maintaining controls within various public cloud environments (AWS, Azure, Google)
- Relevant security certifications (SANS/GIAC, CISSP, CCNP, CCNA, CCIE, OCSP, etc.) are highly desirable
- Proven risk assessment and mitigation skills