IT Security, Sr. Staff 

We are seeking a motivated and passionate Staff Network Security Engineer interested in joining our global network infrastructure support team responsible for designing, implementing, and maintaining a highly redundant and scalable secure network. You will be part of a dynamic network engineering team that is responsible for designing and supporting all global network services including LAN, WAN, Data Center, remote access, wireless, and firewall security. You will have an opportunity to learn and contribute to many new design initiatives and deployment projects as we continue to explore new and innovative design solutions and processes to optimize network efficiency, performance, and security. You will primarily be focused on improving the network security posture through new vendor solutions, implementing Zero Trust Architecture and best security standard practices. Synopsys is a growing global company that values Integrity, Execution Excellence, Leadership, and Passion. We are looking for candidates that embrace these same values and are interested in growing and learning with us.

Roles & Responsibilities

• Design, configure, deploy, monitor, and troubleshoot production network security infrastructure and associated services.
• Design and implement network security standards and access controls following NIST frameworks.
• Develop and implement network security policies and procedures.
• Aid with designing and implementation of campus and datacenter macro & micro-segmentation policies.
• Utilize automation tools and scripts to standardize deployment configurations and environments.
• Maintain vulnerability management processes and policies using a risk-based priority methodology.
• Monitor and analyze networks for potential security threats and vulnerabilities.
• Manage network security infrastructure including SASE, firewalls, VPNs, and ZTA solutions.
• Help maintain and advance Zero Trust Architecture adoption.
• Develop and enforce best practice security standards, Firewall rules, compliance, and governance.
• Analyze external and internal security audits/assessments and plan/provide solutions to mitigate.
• Stay up to date on emerging network security threats and proof of concepts.
• Create and maintain documentation of network security designs, processes, and procedures.
• Identify and solve problems related to overall security infrastructure performance, efficiency, and availability in a timely manner.
• Contribute to network and security support ticketing and provide timely resolution for end user issues.
• Participate in an on-call rotation.
• Knowledge on quantum resistant encryption and migration plan

Key Skills

• 10+ years of experience working on current bleeding edge technology Gartner leaders. 
• Bachelor’s degree or equivalent work experience
• Proficient in network configuration management and automation tools (Python, Ansible, Terraform)
• Familiar with RestAPI automation and configuration management secure coding
• Strong analytical and problem-solving skills 
• Strong experience with Zero-Day mitigation/remediation
• Experience with MFA, SSO, SAML deployment.
• Certifications such as PCNSE, ZIA/ZPA, CCNP, CCDP, CCIE, CISSP, CCDE, CEH, CISSP, Security+ or equivalent work experience is a big plus. 
• Familiar with Cisco ACI contracts and service graphs to insert FWs or NLBs as needed.
• Network Access Control, 802.1x, RADIUS and TACACS using Aruba Clearpass or Cisco ISE
• Deep understanding of network and security protocols such as IPSec, IKE, GRE, DMVPN, BGP, SD-WAN, OSPF
• Experience with configuring and troubleshooting Cisco, Ivanti, Versa-Networks, and Aruba devices.
• Experience in conducting vulnerability scans and knowledge of industry standard scoring models such as CVSS, CCSS
• Operationalizing MITRE Attack & TTPs in vulnerability prioritization
• Demonstrated experience and success with development and promulgation of enterprise-class security policy and standards.
• Strong familiarity with OWASP Top 10, SANS/CWE Top 25 software security vulnerabilities
• Experience with configuring Palo Alto, Zscaler and SASE solutions.
• Ability to analyze network packet captures.
• Well-versed with automation and scripting tools such as Python and Ansible
• Experience troubleshooting networking in Linux (RHEL, CentOS or Ubuntu)
• Ability to create best practice processes, secure environment diagrams and documentation.
• Strong verbal, written interpersonal and communication skills. 
• Strong organizational skills with the ability to migrate between tasks.
• Strong technical security mindset, and ability to present to higher management as needed.

Bonus Qualifications

• Experience with JS frameworks such as Angular or React
• Cloud experience in GCP, Azure and AWS 
• Experience with working in a global team environment and solving problems independently.
• Master’s degree in electrical or computer engineering, Computer Science, Cybersecurity

At Synopsys, we’re at the heart of the innovations that change the way we work and play. Self-driving cars. Artificial Intelligence. The cloud. 5G. The Internet of Things. These breakthroughs are ushering in the Era of Smart Everything. And we’re powering it all with the world’s most advanced technologies for chip design and software security. If you share our passion for innovation, we want to meet you.  

Inclusion and Diversity are important to us. Synopsys considers all applicants for employment without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, military veteran status, or disability.