The Role
The Johnson Controls Global Cyber Security (GCS) team is undergoing a transformation as Johnson Controls increases its cybersecurity capabilities to address the evolving cybersecurity threat landscape.
The Network Security Engineer reports to the Global Platform Engineering Manager in the Security Engineering team within the JCI GCS team. As we move towards a zero-trust network model, this role will engineer, implement, and support network security solutions to protect critical information systems with a key focus on Network Access Control, Web Application Firewalls, Web filter, edge security, IPS, firewall policy optimization, micro-segmentation, and Cloud Security. This role offers significant exposure to Enterprise Systems & Network Architecture, opportunities to evaluate, implement & manage Best-in-class Cyber Tools and Technologies and develop a deep understanding of industry-leading Cybersecurity practices used by JCI. This position is responsible for development and implementation of standard operating procedures for the network security solutions and operational support for these solutions on a 24x7 basis.
The Network Security Engineer will need to be a driven, collaborative individual that does not see security as a silo in an IT organization but a part of a greater whole. You will use your experience to improve existing security measures and/or come up with new ones while providing a seamless experience to our end-users. You will strive to be inclusive and transparent in everything you do and be willing to help educate others and learn from others. You understand the need for and value of rigorous change management process and documentation and maturing a program for the entire IT Organization.
Primary Responsibilities
The responsibilities of the Network Security Engineer include, but are not limited to:
- Onboard and protect web applications to the Web Application Firewall (Imperva)
- Platform operation for Network Access Control, including profile development, policy development, integration with other security platforms
- Monitor and analyze network traffic, IPS logs, WAF logs and security event data for proper classification and consumption by security stack
- Investigate intrusion attempts and perform analysis of exploits
- Review security alerts
- Keep network security solutions on supportable baselines (Forescout, Firepower, FortiGate, Zscaler, CrowdStrike.
- Analyze a variety of network and host-based security appliance logs to determine the correct remediation actions and escalation paths for each incident.
- Provide information regarding intrusion events, security incidents, and other threat indicators to IR and other teams
- Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
- Participate in knowledge sharing with analyst team on investigative and response methodologies
- Consult with IR for capability and countermeasure enhancements
- Maintain tool lifecycles and roadmaps
Candidate Profile
The successful candidate will be a passionate information security professional with the ability to communicate to different business and IT leaders. The candidate will demonstrate drive, intelligence, maturity, and energy and will be a proven problem solver.
- Bachelor’s degree in computer engineering, computer security or computer science discipline
- 4 years of network engineering and information security related experience including configuring routers, switches, firewalls, IPS, Web Application Firewalls
- Experience in log analysis, intrusion detection, or firewall administration, network operations,
- Deep understanding of network routing protocols and switching architectures
- Understanding of security operations concepts such as perimeter defense, BYOD management, data loss protection, insider threat, kill chain analysis, risk assessment and security metrics
- Familiarity with network security methodologies, tactics, techniques, and procedures
- Knowledge of network security architecture, understanding of the TCP/IP protocol, and remote access security techniques/products
- Analyze network packet captures to solve/understand network issues/cyber incidents
- Experience performing security/vulnerability reviews of network environments
- Experience generating and modifying network and host-based Indicators of Compromise (IOC)
- Candidate must be able to react quickly, decisively, and deliberately in high stress situations
- Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, to technical and non-technical audiences at different seniority levels and interact with customers
- Highly motivated individual with the ability to self-start, prioritize, multi-task and work in a global team setting
- Ability to maintain a high level of discretion and personal integrity in the exercise of duties, including the ability to professionally address confidential matters
