Cybersecurity Network Security Specialist (Warsaw, 70%...
460 - 483 € / dziennieThe White Team
Cybersecurity Network Security Specialist (Warsaw, 70% remote) – EU Public Organisations
Profile: Cybersecurity Network Security Specialist (Network Security, Application Delivery, Local Area Networking, Wide Area Networking, Cloud Networking, Data Center Networking, Network Management, SDN) - Level Advanced.
Securiy Clearance: Is required (security screening procedure must be initiated within first 45 days of assignment) - CONFIDENTIEL UE/EU CONFIDENTIAL.
Place of performance: Frontex Headquarters in Warsaw. 30% onsite + 70% remote.
Duration of the mission: 48 months.
Award criteria: 35% Price / 65% Quality.
Minimum required scoring for interview (%): 60%.
Minimum level of education: Level 4.
Minimum English language skills (CEFR): B2.
Minimum IT relevant professional experience (years): 5 years.
Minimum experience at similar position (years) : 5 years in relevant IT roles.
Rate: 460-483€/day NWH 600-628€/day EWH.
· NWH: 220 days x 4 years.
· EWH: 30 days x 4 years.
Required certificates
· CCNP Security or equivalent from other network vendors (e.g. Palo Alto certifications).
Knowledge and skills
knowledge:
· Very good understanding of TCP/IP protocols, IP routing, Network Security Policies
· Good knowledge of network services like DNS, DHCP, NTP, etc.
· Good understanding of the wired and wireless access technologies (wifi, 802.1x/EAP etc.).
· Good understanding of the application-layer authentication and encryption mechanisms, e.g. protocols, PKI and X.509 certificates.
· Hands-on experience with the products and solutions related to the domain (e.g. Cisco routers and switches, wireless controllers, network firewalls etc.).
· Hands-on experience in administering of a large enterprise network.
· Good knowledge of the network configuration of the endpoint operating systems (Windows, Linux, IOS etc.).
· Work experience with stateful and stateless traffic filtering.
Skills:
· Excellent communication skills both technical and non-technical (in written and verbal communication).
· Very good analytical and trouble-shooting skills.
· Open minded, excellent troubleshooting, analytical and problem solving skills.
· Very strong sense of responsibility, accuracy and attention to details.
· Sense of tact and diplomacy.
· Friendly, supportive and helpful personality with co-operative and service oriented attitude.
· Ability to work in stressful environment with minimal supervision.
· High level of motivation and initiative, creating thinking.
· A proactive attitude and team-work spirit.
Other:
· Able to travel occasionally inside Europe (plane, boat, car etc.) up to 10 travels/year.
· Driving license card. B.
· Ability to drive rented car, including abroad.
Specific requirements:
The following additional certifications are desirable for this assigment:
· CCSP (Certified Cloud Security Professional) or equivalent.
· AZ-305: Designing Microsoft Azure Infrastructure Solutions or equivalent.
Good knowledge and hands-on experience in the area of local network:
· Manage Palo Alto Firewalls using Panorama; Manage Cisco Switching based networks; Manage Palo Alto GlobalProtect at scale; Internet edge forward-proxy / outbound security on Palo Alto; Advanced troubleshooting (packet + firewall dataplane); Verification of security Firewall security rules, identification of gaps and provisions of improvements or corrections; VPN design plus operations at scale; 802.1X/EAP & NAC integration (provide examples of known specific brands).
Good knowledge and hands-on experience in the area of Cloud Networking:
· Hub-and-spoke / landing zone networking: design and operate VNets, subnets, peering (incl. cross-subscription), segmentation, route isolation; Network security enforcement: implementing and troubleshooting NSGs/ASGs, service tags, and the “why is this flow blocked” workflow using effective security rules; Private access patterns: Private Link/Private Endpoints, Private DNS Zones, DNS forwarding/resolution across on-prem ↔ Azure; Hybrid connectivity: operating and troubleshooting Site-to-Site VPN and/or ExpressRoute (BGP basics, failover, throughput/MTU, tunnels, active/active patterns).
Good knowledge and hands-on experience in the area of SASE/SSE:
· Remote access & ZTNA; Traffic steering / routing; TLS inspection / decryption operations; Threat protection at the edge; Identity integration; Migration experience: Proven migration from on-prem proxy/VPN to SASE/SSE: phased rollout; exceptions handling, legacy apps, rollback strategy, stakeholder communications.
Good knowledge and hands-on experience in the area of Zero Trust Networking:
· Policy based on identity + device posture; Microsegmentation / least privilege: Designing segmentation for east-west and north-south traffic: tiers, zones, app dependency mapping, deny-by-default between segments, controlled egress.
Proven knowledge and hands-on experience in the area of WAF / LoadBalancer:
· Web Application Firewall solutions (e.g. F5, Cloudflare, Citrix); LoadBalancing technologies.
Typical tasks and responsibilities
· Administer, monitor and troubleshoot network security solutions specific to the domain.
· Provide 2nd line support to Frontex system and network users.
· Create and update the technical documentation and operating procedures.
· Advice possible network security improvements, changes or upgrades.
- senior soc analyst Warszawa
- soc analyst Warszawa
- junior cybersecurity analyst Warszawa
- IT security consultant Warszawa
- senior IT security data analyst Warszawa
- cyber threat analyst Warszawa
- group information security analyst Warszawa
- senior cybersecurity analyst Warszawa
- IT-information-security/risk-specialist- -iso-27001 Warszawa
- cyber security specialist Warszawa