Beschreibung
IP Network and Security Engineer - NRW/GER
We are currently looking for an IP Network and Security Engineer to join one of our prestigious telecommunication clients.
Position Title: IP Network and Security Engineer
Position Type: 6 months rolling contract
Start Date: January 2015
Location: North Rhine Westphalia,? Germany?
Contact: Luka Hlebar
The local ICT Infrastructure team in is responsible for the IP NW and IP Infrastructure design, the setup of the new IP Infrastructure in the Global ICT Center and the acceptance as enabler for the final equipment transfer. The purpose of the role is to support the local ICT Infrastructure team during the feasibility studies, during the network acceptance and during the verification of the Hub functionality .
Responsibilities:
-
Support the local ICT Infrastructure team during the feasibility study with focus on the Firewall function
-
Conduct in depth analysis of the existing IP NW including the security concept (eg Firewall rule set, )
-
Design/Develop a Firewall concept in line with the global guidelines and the local project needs.
-
Support the local ICT Infrastructure team during the NW implementation, troubleshooting and acceptance test.
Qualifications/Professional experiences Required:
-
Advanced Junos Security (AJSEC) course passed
-
Hands-on experience on technical level with Junos OS Security
-
Knowledge of Junos security handling at Layer 2 versus Layer 3
-
Understanding of Logical Systems (LSYS).
-
Configuration of custom application signatures.
-
Implementing features of the AppSecure suite, including AppID, AppFW, and AppTrack
-
Implement address books with dynamic addressing.
-
Compose security policies utilizing ALGs, custom applications, and dynamic addressing for various scenarios.
-
Use Junos debugging tools to analyze traffic flows and identify traffic processing patterns and problems.
-
Describe Junos routing instance types used for virtualization.
-
Implement virtual routing instances.
-
Describe and configure route sharing between routing instances using logical tunnel interfaces.
-
Describe and implement static, source, destination, and dual NAT in complex LAN environments.
-
Describe and implement variations of persistent NAT.
-
Describe and implement Carrier Grade NAT (CGN) solutions for IPv6 NAT, such as NAT64, NAT46, and DS-Lite.
-
Describe the interaction between NAT and security policy.
-
Demonstrate understanding of DNS doctoring.
-
Differentiate and configure standard point-to-point IP Security (IPsec) virtual private network (VPN) tunnels, hub-and-spoke VPNs, dynamic VPNs, and group VPNs.
-
Implement IPsec tunnels using virtual Routers.
-
Implement OSPF over IPsec tunnels and utilize generic routing encapsulation (GRE) to InterconnecT to Legacy Firewalls.
-
Monitor the operations of the various IPsec VPN implementations.
-
Describe public key cryptography for certificates.
-
Utilize Junos tools for troubleshooting Junos security implementations.
-
Perform successful troubleshooting of some common Junos security issues.
-
Good understanding of the ScreenOS platform
-
Good experiences on the Linux command line as well as MS Windows platforms
-
Fluent English, German will be considered an advantage
Please submit your CV
Quoting reference: JSLHIPNSE/6531
Or call Luka