Staff Network Engineer

We are seeking a motivated and passionate Senior Network Security Engineer interested in joining our global network infrastructure support team responsible for designing, implementing, and maintaining a highly redundant and scalable network. You will be part of a dynamic network engineering team that is responsible for designing and supporting all global network services including LAN, WAN, Data Center, remote access, wireless, and firewall security. You will have an opportunity to learn and contribute to many new design initiatives and deployment projects as we continue to explore new and innovative design solutions and processes to optimize network efficiency, performance, and security. You will primarily be focused on improving the network security posture through new vendor solutions and best security standard practices. Synopsys is a growing global company that values Integrity, Execution Excellence, Leadership, and Passion. We are looking for candidates that embrace these same values and is interested in growing and learning with us. 

What You'll Be Doing 

• Develop and implement network security policies and procedures 

• Establish and maintain network security standards, compliance, and governance 

• Design and implement campus and datacenter segmentation policies 

• Design and implement network security standards and access controls 

• Design, configure, deploy, monitor, and troubleshoot production network infrastructure and associated services 

• Maintain a thorough understanding of Local Area Networking (VPC, VRF, VRRP, dot1q, dot1x, etc...) 

• Maintain a thorough understanding of IP routing design across multi-location network using dynamic routing protocols such as BGP, OSPF, and EIGRP 

• Maintain a thorough understanding of SD-WAN and VPN 

• Maintain a thorough understanding of current Wi-Fi technologies 

• Design, engineer, and support all aspects of corporate and global firewalls, cloud security, and VPN configurations, both internal and customer-facing. 

• Receives guidance from Management, Network Security Architects and InfoSec Engineers 

• Provides guidance to Network Security Administrators and Engineers, other departments and team members 

• Configure, implement, and maintain all security feature compliance on switches, wireless, routers, and SD-WAN 

• Mentor junior team members 

• Utilize automation tools and scripts to standardize deployment configurations and environments 

• Monitor and analyze networks for potential security threats and vulnerabilities 

• Conduct security audits and assessments to identify potential risk and vulnerabilities in the network infrastructure 

• Participate in an on-call rotation 

 Key Skills: 

•  Must be fluent in English

• 4+ years of IT professional experience working in network security engineering. 

• Expert knowledge of Palo Alto Firewall technologies 

• Expert knowledge of Zero Trust architecture, ZTNA and SASE 

• Experience with Zero-Day mitigation/remediation 

• Experience with configuring Zscaler 

• Solid understanding of IP routing protocols. 

• 3+ years of experience implementing Zero Trust or Secure Access Service Edge (SASE) network security architectures 

• 3+ years of experience working with Cloud providers as it relates to security and networking  

           (Amazon Web Services, Azure and Google Cloud).

• 2+ years Experience with configuring and troubleshooting Cisco and Aruba devices 

• Proficient in network configuration management and automation tools (Python, Ansible, OpenStack) 

• Experience with MFA, SSO, SAML deployment 

• Familiar with Cisco ACI and Nexus Data Center switching 

• Deep understanding of network security systems and protocols such as IPSec, IKE, GRE, TACACS, RADIUS, 802.1x, OSPF, DMVPN, BGP, SD-WAN  

• Bachelor’s degree or equivalent work experience 

• Excellent interpersonal skills, verbal and written communication skills, and proven analytical and problem-solving abilities with attention to detail. 

• Strong organizational skills with the ability to migrate between tasks 
   
   

Bonus Qualifications 

• Experience troubleshooting networking in Linux (RHEL, CentOS or Ubuntu) 

• Hands on experience with Clearpass NAC 

• Experience with JS frameworks such as Angular or React 

• Familiar with federal U.S. OMB mandates and policies 

• Familiar with ITAR guidelines and regulations 

• Automation and scripting tools such as Python and Ansible 

• Experience with working in a global team environment and solving problems independently. 

• Master’s degrees in Network or Computer Engineering, Computer Science, Cybersecurity 

• Ability to analyze network packet captures 

• Strong knowledge of the NIST framework and able to mitigate, remediate and redesign based on the defined framework policies 

• Certifications such as PCNSE, ZIA/ZPA, CCNP, CCDP, CCIE, CISSP, CCDE, CEH, Security+ or equivalent work experience is a big plus  

• Familiar with RestAPI automation and configuration management 

• Experience with MFA, SSO, SAML deployment 

At Synopsys, we’re at the heart of the innovations that change the way we work and play. Self-driving cars. Artificial Intelligence. The cloud. 5G. The Internet of Things. These breakthroughs are ushering in the Era of Smart Everything. And we’re powering it all with the world’s most advanced technologies for chip design and software security. If you share our passion for innovation, we want to meet you.   

Inclusion and Diversity are important to us.  Synopsys considers all applicants for employment without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, military veteran status, or disability   

#LI-DNI