The U.S. Pharmacopeial Convention (USP) IT Security Engineer in Rockville, Maryland
Summary of the Position
The Security Engineer serves as key individual contributor on the Information Technology (IT) Security team. As part of the IT Security team, the Security Engineer will help support USP’s global public health mission by protecting critical computing assets, securing sensitive data, and working with the Global IT teams to provide security monitoring and incident response.
The Security Engineer is responsible for implementing, supporting, and maintaining all aspects related to Palo Alto firewalls at an enterprise level. The engineer will maintain a strong focus on automation, self-service, rapid feedback, continuous improvement and leveraging best practices throughout.
Roles and Responsibilities
Management, configuration, and administration of commercial firewall products such as Palo Alto or Cisco ASA
Setup, Configuration, and Maintenance of Palo Alto perimeter defense appliances
Utilize Panorama with strategic development of policies, rules, NATS, and security profiles
Implement network security policies
Monitor, secure, and communicate network vulnerabilities and attack vectors for diverse stakeholders
Collaborate with solution architecture to devise infrastructure solutions most suitable to meet system requirements
Plan and coordinate system utilization, and performs growth analysis and capacity planning
Supporting mission critical, 24x7 systems
Design, implement, operate, and maintain complex corporate LAN/WAN networks.
Perform analysis, diagnosis, and resolution of complex network problems for a variety of end users and recommend and implement corrective hardware and software solutions.
Provide senior level technical support and guidance to system engineers and telecommunications technicians on network and equipment issues
Communicate and support security policy, deployment, and support needs.
Communicate the security challenges associated and provide solutions to mitigate them.
Work with other engineers on technical requirements and communicate to management.
Work with minimal supervision, set priorities, and give attention to detail and quality, flexible, strong organizational and time management skills, ability to multitask, ability to work individually and with a team, positive attitude, self-motivated, reliable, trustworthy, strong interpersonal skills, diplomacy, and ability to handle stress in professional manner.
3-5 years of experience in IT security for a mid-large size organization required
PCNSE (Palo Alto Networks Certified Network Security Engineer) required
Cisco Certified Network Associate (CCNA) required
Cisco Certified Network Professional (CCNP) required
Minimum 3 years of experience practicing Change, Problem, and Incident management processes utilizing ITIL in an enterprise environment.
Demonstrated experience with deploying, configuring, maintaining, patching, troubleshooting, and upgrading cybersecurity infrastructure and capabilities.
Demonstrated knowledge of network traffic and communications, including known ports and services.
Master’s degree in computer engineering
Experience with enterprise network security experience (firewall, Intrusion Detection (IDS), log management/reporting solutions)
Experience with Juniper, Cisco, and Palo Alto Firewalls
Resolution of trouble incidents for firewalls, intrusion detection systems (IDS), and network forensics tools.
Knowledge of routing and switching fundamentals and products.
Experience with Cisco ACI integration.
Practical experience working in complex LAN/WAN environments
Practical experience supporting Palo Alto or Cisco ASA firewalls
Experience with Splunk or comparable logging system for troubleshooting
The candidate should have solid knowledge of best current security practices, firewalls, network administration, application/web fundamentals, IP transit, routing protocols and all aspects of networking needed to support the required SLAs.
The candidate must possess a networking background with an understanding of switching, network routing as well as skills in managing and supporting firewalls.
Expert level understanding of all layers of the OSI model
Expert level understanding of packet capture review.
Expert level understanding of TCP / UDP and IP Protocol
Able to work flexible hours when needed. In addition to normal business hours of 8:30 a.m. 5:00 p.m. Monday through Friday, serves on a team to provide 24 hour a day, 7 days a week response to emergency alarm calls and can be available on short notice to support requests during unusual hours, especially early or late in the day during the business week.
The following COVID-19 provisions will apply to selected candidate(s) hired:
As a condition of employment with United States Pharmacopeial Convention’s (USP) duty to provide and maintain a workplace that is free of known hazards, all employees and contingent staff hired after July 1st, 2021 are required to be fully vaccinated unless a reasonable accommodation is approved. Your recruiter will advise accordingly.
USP offers an impressive benefits package, including:
Generous paid time off – 15 paid holidays, 10 sick days and 15 vacation days per year to start
An annual 401(k) contribution, beginning after 1 year of service, of 10% of pay (base and bonus) every pay period that vests immediately
Comprehensive individual and family healthcare plans with affordable premiums and low annual deductibles.
The U.S. Pharmacopeial Convention (USP) USP is an independent scientific organization that collaborates with the world's top experts in health and science to develop quality standards for medicines, dietary supplements, and food ingredients. USP brings together more than 1,100 talented professionals across five global locations to deliver its mission to strengthen the supply of safe quality medicines and supplements worldwide. USP is proud to be an equal employment opportunity employer (EEOE) and affirmative action employer. Employment selection and related decisions are made without regard to sex, race, age, disability, religion, national origin, color, veteran status, sexual orientation, gender identity or any other protected class. We are committed to working with and providing reasonable accommodation to individuals with disabilities. USP does not accept unsolicited resumes from 3rd party recruitment agencies and is not responsible for fees from recruiters or other agencies except under specific written agreement with USP.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)
Job Category Information Technology
Job Type Full-Time