Georgia Employer NETWORK SECURITY ENGINEER - ATLANTA, GA - 136468 in Atlanta, Georgia

Job ID: 136468 Position Overview Reporting to the IT Security Manager of the CRH Americas Materials Group (CRH AMAT), the Network Security Engineer is responsible for design, execution and oversight of network security for CRH AMAT as well as providing network security expertise for security teams across four product groups partnered with CRH AMAT. It is the job of the Network Security Engineer to review corporate networks and applications, evaluate designs and implementations against security best practices and remediate gaps. The Network Security Engineer will be responsible for diagnosing security-related network operations problems. The Network Security Engineer will work closely with the IT leadership and decision makers in other departments in order to identify, recommend, develop, implement, and support cost-effective IT Security technology solutions for all aspects of the organization. The Network Security Engineer will work collaboratively with information security professionals across other divisions of CRH (CRH AMATs parent company). Key Responsibilities (Essential Duties And Functions) Review network designs and evaluate compliance to applicable security standards Create and maintain network security related policies, procedures, standards, and documentation as needed. Evaluate project initiation documents from the perspective of information security standards and practices. Conduct network security audits and provide recommendations to mitigate risks. Respond to and remediate security incidents, intrusions, malware infections, etc. Take action to maintain compliance to security standards and policy, escalate non-compliance in a timely and effective manner. Configure, support and maintain day-to-day operations of security tools. Monitor security consoles and remediate alerts as appropriate. Effectively carry out design, configuration and documentation of information security systems and devices (e.g. Firewalls, VPNs, Enterprise Gateway Devices, Remote Access Solutions, SIEMs, Content Engines, IPS/IDS Systems) Maintain current configurations, carry out proper administration and support of information security systems (e.g. Firewalls, VPNs, Enterprise Gateway Devices, Remote Access Solutions, Content Engines, IPS/IDS Systems) Maintain current and relevant knowledge of common network, authentication and security protocols (e.g. SNMP, TLS, SSL DNS, HTTPS, SMTP, LDAP, KERBEROS, RADIUS and FTPS) Maintain current and relevant knowledge of existing, changing and rising threats in business, network and security landscapes. Participate in change management process meetings and working sessions. Define and enforce controlled access to corporate security zones as required. Participate as an effective contributor in CRH global and Oldcastle Inc, regional security working groups, conferences, programs of work and projects as required. Produce and maintain disaster recovery and business continuity work practices related to information security policies, procedures, processes and tools. Qualifications Education/Experience Bachelors degree in Computer-related discipline; or equivalent professional experience, with 5 years of experience in designing and implementing enterprise wide technical solutions for network and information security in large distributed enterprise environments. CCIE, CCNA Security, SSCP, CISSP or similar GIAC certifications desired. Expert knowledge of networking required. Expert understanding of VPNs and remote access. Expert knowledge of OSI and TCP/IP models, SNMP, DNS, DHCP, Netflow Experience with Splunk, Cisco ISE, Qualys, Experience with web application vulnerability scanning tools. Experience with forensics tools such as wireshark, nessus, netsleuth, Networkminer. Experience with Cisco CES, CWS, and AMP a plus. Understanding of information management and data classification. Security incident investigation experience. Virus protection and content filtering kn