The Principal Network Firewall Engineer is the subject matter expert taking the lead role in network security architecture, design, planning, assessment, and implementation. In this role, you will serve as escalation support for providing recommendations and initiating necessary corrective action to ensure network security policy compliance and continuous improvement for the UCLA Information Services & Solutions (ISS) security posture. You will be responsible for ensuring that policies, standards, procedures, and how-to documents are utilized and followed as well as providing day-to-day support of the 24x7 production environment of ISS enterprise network security infrastructures (VPN, firewalls, authentication system, routers, switches, wireless access layers, IPAM, DHCP, VoIP systems, WAN, and network/VoIP monitoring).
In this position, it is expected that you participate in the weekly rotational after-hours 24x7 on-call support and perform other assigned tasks as needed by departmental requirements.
10 plus years of direct combined Network Engineering and Network Firewall experience required
Expertise in Next-Generation Security technologies such as URL Filtering, SSL Decryption, NAT/PAT, DLP, binary sandboxing, threat and application decoders and DOS protection technologies
Hands on experience with Cisco and Palo Alto security appliances and related tools
Hands on experience with Cisco routers and Catalyst/Nexus switches
Expert level knowledge of OSPF routing protocol and Policy Based routing
Proficient knowledge of LAN Switching and WAN Connectivity
Expertise in virtual Firewalling technologies
Expertise in network data capturing and analysis
Working knowledge of Virtualized computer technologies such as Hyper-V or VMWare
Working knowledge of shell or CLI scripting and regular expressions
Experience implementing and supporting complex solutions across multiple IT disciplines (Network, Systems, ID Management etc.) in the realms of 'people, process and technology'
Hands on experience managing security across various platforms/systems- Microsoft Windows, MS AD, Unix-like required; MS SQL, Oracle and Citrix preferred
Experience with implementing and executing standard operating procedures as related to monitoring of IT Security controls/safeguards in place; experience with SOC and SIEM preferred
Knowledge of current common cybersecurity frameworks, standards and best practices. NIST & IS027k preferred
Exceptional oral/written communication and organizational skills with the ability to effectively present to non-technical staff and management
Experience generating regular reports and status of the IT Security environment including recommendations for problem resolution and improvement
Experience with vendor management
Experience working with internal and external auditors
Experience with HIPAA and PCI preferred
Experience in a University Healthcare system preferred
Understanding of security governance
Proficient in Microsoft Office product suite (MS Outlook, Word, Excel, PowerPoint and Visio)
UCLA is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.
At UCLA Health, you can help heal humankind, one patient at a time by improving health, alleviating suffering and delivering acts of kindness. As you do, you’ll achieve great things in your life and your career. We’re a world-class health organization with four hospitals consistently recognized among the nation’s very best as well as an internationally-renowned medical school, primary and specialty care clinics and much more. Within our dynamic, innovative and growing organization, you’ll find exceptional opportunities to make the most of your abilities in a supportive, empowering and inclusive environment. If you embrace our values of Integrity, Compassion, Respect, Teamwork, Excellence and Discovery we invite you to see all you can accomplish at UCLA Health.