Network Security Engineer
  • South Africa Johannesburg
  • BASHR Consulting
1 year before
31.12.2023
Securely Provision
Systems Architecture
Job Description

Are you a team player? Are you a passionate and energetic individual who is looking for stability in a work environment? Here is an opportunity for you to be part of an innovative team as a Network Security Engineer. Apply now!

As a Network Security Engineer, you will be responsible for monitoring service component capacity and initiate action to resolve any shortfalls according to agreed procedures. You will also be required to apply techniques to control the demand upon a particular resource or service.

Requirements

Relevant Tertiary Qualification
7 years’ experience required in Engineering function within a medium to large ICT organisation
Experience working with vendors and/or 3rd parties
ITIL v3 Foundation Certification
CCNP Security Certification
F5 Certified Solutions Expert (F5-CSE) Security
CompTIA CASP+
Rapid 7 Advanced Vulnerability

Quick response
Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats an`d vulnerabilities.
  • K0056   Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
  • K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0180   Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
  • K0200   Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • K0333   Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs.
  • K0487   Knowledge of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
  • K0516   Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.
  • K0010   Knowledge of communication methods, principles, and concepts that support the network infrastructure.
  • K0011   Knowledge of capabilities and applications of network equipment including routers, switches, bridges, servers, transmission media, and related hardware.
  • K0057   Knowledge of network hardware devices and functions.
  • K0374   WITHDRAWN: Knowledge of basic structure, architecture, and design of modern digital and telephony networks. (See K0599)
  • K0565   Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.
Required Skills
  • S0027   Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • S0059   Skill in using Virtual Private Network (VPN) devices and encryption.
  • S0168   Skill in setting up physical or logical sub-networks that separate an internal local area network (LAN) from other untrusted networks.
Required Abilities
  • A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • A0172  Ability to set up a physical or logical sub-networks that separates an internal local area network (LAN) from other untrusted networks.
  • A0048  Ability to apply network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • A0049  Ability to apply secure system design tools, methods and techniques.
  • A0050  Ability to apply system design tools, methods, and techniques, including automated systems analysis and design tools.