Network Engineer
Apply NowCompany: SysMind Tech
Location: New Hartford, CT 06057
Description:
Title: Network Engineer
Location: New Britain, CT
Duration: 12+ Months
Experience: 8+ years
JOB DESCRIPTION:
Browsing - Mainly a wall for internal web browsing with 2 DMZs for Webster employee-facing service ingress such as email and VPN.
E-Comm [DMZ) - Ingres: cress for Webster Bank customer-facing services such as websites, APIs, and SFTP.
Vendor - ingress and egress for Webster core banking services and vendor connectivity.
PDD - protected internal senaces that contain sensitive information such as PLL, PCI, and HIPPA data.
Requested work to be performed
* Review traffic for Allow/Deny logs in our 4 environments (Browsing, Ecomm, Vendor, and PDD)
Add rules to allow traffic where needed
o Conduct a review of current rules if possible, and add to existing allowed rules.
o Rules should always be Layer 7 based unless there is no application defined.
o If there is no application defined a layer 4-based rule is permitted but should be monitored for layer 7 application signature matches
Create a firewall request and Document all rules created during the Migration.
Provide the document to the infrastructure security Team for next-day review and backfill of any firewall requests needed during the migration.
Assess firewall policies to proactively identify policy issues prior to application migration.
Location: New Britain, CT
Duration: 12+ Months
Experience: 8+ years
JOB DESCRIPTION:
Browsing - Mainly a wall for internal web browsing with 2 DMZs for Webster employee-facing service ingress such as email and VPN.
E-Comm [DMZ) - Ingres: cress for Webster Bank customer-facing services such as websites, APIs, and SFTP.
Vendor - ingress and egress for Webster core banking services and vendor connectivity.
PDD - protected internal senaces that contain sensitive information such as PLL, PCI, and HIPPA data.
Requested work to be performed
* Review traffic for Allow/Deny logs in our 4 environments (Browsing, Ecomm, Vendor, and PDD)
Add rules to allow traffic where needed
o Conduct a review of current rules if possible, and add to existing allowed rules.
o Rules should always be Layer 7 based unless there is no application defined.
o If there is no application defined a layer 4-based rule is permitted but should be monitored for layer 7 application signature matches
Create a firewall request and Document all rules created during the Migration.
Provide the document to the infrastructure security Team for next-day review and backfill of any firewall requests needed during the migration.
Assess firewall policies to proactively identify policy issues prior to application migration.