Sr Network Security Engineer

Chicago, Illinois

 Rush University
Apply for this Job
Job Description

Location: Chicago, Illinois

Business Unit: Rush Medical Center

Hospital: Rush University Medical Center

Department: IT Infrastructure

Work Type: Full Time (Total FTE between 0.9 and 1.0)

Shift: Shift 1

Work Schedule: 8 Hr (8:00:00 AM - 5:00:00 PM)

Rush offers exceptional rewards and benefits learn more at our Rush benefits page .

Pay Range: $46.07 - $77.40 per hour

Rush salaries are determined by many factors including, but not limited to, education, job-related experience and skills, as well as internal equity and industry specific market data. The pay range for each role reflects Rush's anticipated wage or salary reasonably expected to be offered for the position. Offers may vary depending on the circumstances of each case.

Summary:

Rush University Medical Center is seeking a Senior Network Security Engineer to help strengthen our cybersecurity posture across data center and public cloud environments. This role is a great opportunity for someone passionate about network security, cloud security, and firewall architecture to work with leading technologies like Palo Alto Networks and Cisco.

Position Highlights
  • Serve as a subject matter expert in firewall architecture, network security tools, and cloud security.
  • Design, implement, and enhance security controls across on-premises and cloud environments.
  • Support secure remote connectivity solutions for users and locations.
  • Lead threat intelligence integration to proactively mitigate risks.
  • Collaborate across teams to drive security projects aligned with business goals.
What we Seek
  • Experience with network security technologies(Palo Alto, Cisco, etc.).
  • Strong expertise in firewall architecture and security best practices.
  • Knowledge of cloud security and securing cloud applications.
  • Passion for exploring new technologies and improving security posture.
Why Join Rush?

Rush's network security team is constantly innovating, exploring next-generation security technologies, and improving cybersecurity resilience. If you're excited about cutting-edge security solutions and want to make an impact in healthcare, apply today and help us push the boundaries of network security.

Responsibilities:
  • Handles complex work critical to the organization.
  • Provide day-to-day network security administration tasks including but not limited to creating rules, route changes, implementing new features, whitelisting/blacklisting, running reports, and hardening existing security tools and the surrounding infrastructure.
  • Plan, coordinate, and execute software upgrades of firewalls and additional security tools.
  • Architect and implement firewalls and technical security controls to provide additional visibility, inspection, and enforcement capabilities on network traffic.
  • Management and administration of native and third-party Microsoft Azure networking and security tools.
  • Perform troubleshooting of networking and firewall issues as they arise to promptly identify root cause and provide resolution.
  • Perform analysis and tuning of all firewall features including but not limited to Threat Prevention, URL Filtering, and Wildfire.
  • Design, implement, and troubleshoot IPSec VPN tunnels across a variety of platforms.
  • Maintain, troubleshoot, and enhance remote access VPN technologies across multiple platforms.
  • Implement, manage, and troubleshoot integration of threat intelligence data with firewalls, SIEM, and additional security tools.
  • Manage SIEM log forwarding and log collection deployment for firewalls and additional network and security tools.
  • Build custom reports based on firewall data to provide metrics, identify gaps, and identify trends in network traffic, threats, and application usage. Create actionable recommendations and tasks based on reporting data.
  • Provide support in cyber security investigation and response activities.
  • Monitor firewall performance, health, and system integrity.
  • Run Best Practice Assessments on Palo Alto Networks technologies annually and present to technical and non-technical stakeholders. Develop actionable recommendations and implementation plans to further security posture.
  • Support multiple projects across the organization working with a variety of teams and stakeholders to drive projects to their completion.
  • Investigate and resolve help desk tickets escalated to network security.
  • Communicate clearly with both technical and non-technical audiences while managing and furthering the security posture of the organization across multiple platforms.
  • Continually assess existing infrastructure to identify gaps in visibility and enforcement. Provide recommendations and architect solutions to address identified deficiencies.
  • Investigate and manage security incidents and remediation activities within CASB solution.
  • Investigate and manage cloud security incidents and remediation activities within native and third-party cloud security tools.
  • Other duties as assigned.
Required Job Qualifications:
  • Bachelors Degree and 5 years of experience in information security and/or IT risk management or An associates degree and 7 years of relevant experience
  • Strong knowledge and hands-on experience in the design, configuration, troubleshooting, and administration of Palo Alto Networks NGFW virtual and physical appliances.
  • Strong knowledge and hands-on experience in using Panorama to manage devices at scale and managing log collection deployments.
  • Deep knowledge of Palo Alto Networks technologies and best practices including but not limited to AppID, Threat Prevention, WildFire, URL Filtering, Global Protect, User Identification, High-Availability, Autofocus, Prisma, Minemeld, etc.
  • Strong working knowledge of and experience with common network protocols including but not limited to: BGP, OSPF, STP, ARP, VLANs, Trunking, LACP, VPCs, ICMP, LDAP, RADIUS, DNS, DHCP, HTTP, TLS, SMTP, SSH, SCP.
  • Strong working knowledge of Routing and Switching infrastruture.
  • In-depth knowledge and practical understanding of TCP/IP and the OSI model.
  • Knowledge of common security threats and protections to network, cloud, and endpoint resources.
  • Knowledge and experience in log forwarding and event correlation with an enterprise grade SIEM.
  • Knowledge and experience with public cloud networking and security technologies in AWS, Azure, and/or GCP.
  • Implementation and troubleshooting experience with IPSec and SSL VPN technologies across multiple platforms.
  • Strong knowledge and hands-on experience with Public Key Infrastructure (PKI) and certificates.
  • Implementation and administration experience with one or more Multi-Factor Authentication technologies.
  • Implementation and administration experience with forward and reverse proxies and/or load balancers.
  • Network segmentation and/or micro-segmentation design and implementation experience.
  • Experience in the analysis of Packet Captures using Wireshark or similar tools.
  • Designs and implements solutions for networking environments to include local area networks (LAN), wide area networks (WAN & SD-WAN), security, wireless, voice, micro-segmentation, cloud networking, data center networking, and other components of data networks.
  • Experience designing, implementing, and supporting complex technical solutions.
  • Familiarity with the capabilities and problems of a broad spectrum of hardware and transmission technologies (e.g., cabling, optical fiber, WAN and transport, routing, firewalls, LAN/VLANs switches, SDN, etc.)
  • Develops technical designs and documentation of preexisting and post-implemented solutions with technical acumen.
  • Highly self-motivated.
  • Detail oriented.
  • Clear and concise written and verbal communication skills.
  • Analytical, multi-tasking and problem-solving skills.
  • Must be flexible to work outside of business hours as per business requirements.
Preferred Job Qualifications:
  • Palo Alto Networks Certified Network Security Engineer (PCNSE8-9) certification.
  • CCNA Certification (or higher).
  • AWS/Azure/GCP certification.
  • Cisco ASA experience preferred.
  • Cisco routing and switching experience.
  • Incident Response experience.
  • InfoBlox administration experience.
  • Cisco ISE administration experience.
  • F5 BIG-IP experience.
  • Citrix Netscaler experience.
  • ServiceNow experience.
  • Threat intelligence experience (consumption, presentation, and enforcement of indicators).
  • Familiarity with the MITRE ATT&CK framework.
  • Familiarity with NIST SP 800 series.
  • Familiarity with HIPPA, PCI-DSS, GDPR, and other compliance standards.
Rush is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics.

Position Sr Network Security Engineer

Location US:IL:Chicago

Req ID 17391

Date Posted: 04 April 2025
Apply for this Job
Show me similar jobs
Send me jobs by email