Sr Network Security Engineer

TIAA - Broomfield, CO3.7

As long as there are people who make the world a better place, we'll keep making a difference for them. Since 1918, it has been TIAA's mission to serve those who serve others. It is this mission and the values we embrace that make us a different kind of financial services organization.

When you work here at TIAA, you're not just in it for yourself. You are part of something bigger. A collective mission to make a difference - a collective mission we make our own.

To be difference makers.

For more information about TIAA, visit our website.

TIAA’s Production Services & Architecture (PS&A) team is responsible for all architecture, engineering and infrastructure operations of our core technology assets as part of a streamlined, strategic approach that ensures low cost, high quality delivery from initial architectural decisions through engineering to long-term operational support. The PS&A team collaborates closely with our business-aligned partners in technology and with key stakeholders across the enterprise.

As a Senior Network Engineer for network security you will have the opportunity to participate in the engineering of TIAA’s enterprise security environment. In this role you will work closely with Lead Engineers and internal customers to leverage applicable best practices for security design and enterprise business solutions. Your role will be responsible for periodic escalation support in a 24/7 environment addressing complex production impacting technical issues. You will be accountable for leading problem management and resolution for deployed firewall technologies and will act as a subject matter expert on high severity production issues.

Translate security architectures and project requests into engineered designs for the enterprise security environment
Implement defense-in-depth methodology for all new systems and services
Integrate security architectures with cloud services vendors
Use proven technologies with in architectural guidelines to develop solutions that expand services across the client base
Work with various vendor solutions and designs new security solutions to integrate new and existing client environments
Leverage applicable best practices for security design and enterprise business solutions
Lead problem management and resolution in the support of deployed technologies and acts as a subject matter expert on production outages
Conduct network assessments to validate an enterprise baseline and provide context for future network direction
Work with outsourced vendors to drive technical accountability of network standards, baselines, architecture, and solutions engineering
Work with outsourced vendors to drive sound engineering designs, and configuration templates
Participate in technology governance boards and/or councils
Generate conceptual, logical, and physical security architectures, documents, testing analyses, test plans, and risk assessments to ensure a sound architecture that meets client needs
Actively participate in the resolution of operational issues, including effectively working with cross functional teams and outsourced vendors as needed
Promote operational stability by assisting with the creation and tracking the implementation of network security infrastructure changes

Required Experience

Five or more years of networking and firewall experience
Experience with Palo Alto and Cisco ASA/FirePower platforms
Experience with layer 2 and layer 3 firewalls
One year experience with IPSEC, VPN, and SSL

Desired Experience
Bachelor’s degree in computer or information science preferred
Knowledge of Next Generation Firewalls.
Palo Alto ACE Certification
Experience with content filtering and web application proxies
Previous experience with App-ID and User-ID, Panorama, PXGrid, PBR, NAT on Palo Alto and Cisco ASA platforms
General understanding of Routing, Switching, Virtual LAN Switching, L2 Bridging and STP, TCP/IP, OSPF, BGP, Cisco Nexus/ACI
Strong communication skills (both written and verbal), customer service skills and strong attention to detail ability to interface with all levels of stakeholders
Equal Employment Opportunity is not just the law, it’s our commitment. Read more about the Equal Employment Opportunity Law.

If you need assistance applying due to visually or hearing impaired, please email Careers Help.

We are an Equal Opportunity/Affirmative Action Employer. We will consider all qualified applicants for employment regardless of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other legally protected status.

  • ©2016 Teachers Insurance and Annuity Association of America (TIAA), 730 Third Avenue, New York, NY 10017