About Company

A technology services provider offers digital transformation solutions for businesses, including IT consulting, software development, cloud computing, cybersecurity, and AI. Their digital solutions aim to improve efficiency, transform business processes, and enhance customer satisfaction. The company's team of experts collaborates closely with clients to understand their unique goals and challenges, and then designs customized solutions to meet their specific needs.

Focuses on innovation and agility, utilizing advanced technologies to remain at the forefront of industry trends and offer the most effective solutions to clients. Their emphasis on delivering high-quality services and building long-term relationships with clients has helped them establish a solid reputation in the technology services industry.

Objectives/purpose of the job:

The Network Segmentation Engineer will collaborate with Network Services Engineers, Security Services Engineers, senior leadership, and clinical technology services to design, implement, and support an enterprise-class network security capability. The primary goal is to reduce the risk profile of clinical devices and systems that directly support patient care. The candidate will be responsible for creating enterprise standards and best practices for designing, building, and implementing a segmented network architecture across a large healthcare system.

Role and Responsibilities:

• Experience designing and supporting Cisco enterprise networks
• Solid understanding of network-based segmentation strategies and IoT designs
• Extensive experience with TCP/IP, VLANs, VLAN Trunking, ACLs, load balancing, QOS, PBR, WCCP, VPN, NAT, VoIP, IPSec, Multicast, DNS services, firewalls, SNMP, Netflow
• Extensive experience with Network mirroring technologies SPAN, ERSPAN, RSPAN, TAP
• Experience configuring network security policies on firewalls and/or routers
• Strong knowledge of network and security architecture best practices
• Strong knowledge of enterprise switching and routing, and LAN/WAN technologies
• Experience with Cisco DNA Center, Cisco Prime
• Advanced understanding of networking principles, subnetting, and the OSI model
• Ability to understand multi-tier network environments (Core, Distribution, Access)
• Excellent verbal and written communication skills in English
• Creating design documentation, building ISE rules, implementing ISE solutions across a variety of environments, and being a subject matter expert on the ISE tool
• NAC (Network Access Control) using 802.1x and MAC Authentication Bypass (MAB)
• Understanding user and machine authentication and authorization using ISE and external identity stores (Active Directory)
• Guest access control and device profiling and compliancy check
• TACACS, Radius, and Captive Portals

Required experience and qualification:

• Routing & switching (dynamic routing protocols, SPAN, ERSPAN, RSPAN, netflow, snmpv3)
• Experience with network segmentation Cisco ISE (SGT, SXP, Pxgrid, Inline tagging, 802.1x)
• Knowledge of firewalls

Skills

Cisco ISE Cisco Trustsec Cisco Stealthwatch (Optional) Cisco Nexus switch Cisco catalyst Cisco wireless

Other Requirements

NA