Are you a curious maniac? Do you have a curious nature that if you were a cat, you'd be pressing your luck? Do you have a maniacal sense of duty to uptime and network security? AOL is looking for you! We have an immediate opening for a Technical Security Engineer at just about any level. If you're fresh from the proving grounds of school where you forged a blazing path in system or network security, or if you have already helped the largest website on the face of the earth fend off the largest DDoS and other threats known to humans, then we need you! We look for people that are exceptionally imaginative, collaborative, and truly excited about our mission: to inform, entertain, and connect the world... and have a dogged attitude to keep anyone who would try and keep us from obtaining that mission at bay.
As a Technical Security Engineer at AOL you will be responsible for the network security elements that protect our infrastructure and websites so that our 150million+ unique visitors can get to the content they seek 24x7xForever! Technology responsibility includes our router/switch ACLs, VPNs, firewalls, DoS mitigation, and network intrusion detection for our customer facing global data center levels and all of our employee offices around the world. You will be key contributor to the security and optimization of our infrastructure, overall system design, and managing the day-to-day network security infrastructure.
The NetSec team is currently staffed primarily with Senior to Principal level coworkers. Based on your level of experience the team will mentor you if you are a new and at the Associate level in the art and science of the role (and of course learn from the fresh new ideas you bring). The team will also just as willingly learn from a Senior or Principal level person who brings lots of outside experience and fresh ideas. The position is in AOL Technology Operations. Our sites must be up 24x7xForever, as such you will be an escalation point for our Tier 1 and Tier 2 NOCs. Read on for some of the specifics!
Daily Responsibilities
• Collaborate on the security, design, and refinement of AOL products with development and system/application operation engineers
• Influence our vendors on enhancing their products that we often know better than they do themselves
• Research and investigate reported firewall, ACL, VPN, and other network security related issues
• Implement changes to the network security infrastructure to support new and changing deployments
• Track and own all incident and problem management work through a ticketing system
• Troubleshoot issues and resolve or escalate to proper Operational teams
• Document new findings and upload information to team wiki and documentation stores
• Ensure SLA's are met for issues during work and on call hours by responding to tickets and pages
• Respond to network-based security incidents (e.g. DDoS attacks, access issues, etc) per the SLA for each severity level ticket submitted and prioritize action as appropriate
• Establish a balance between empowering the business community to take advantage of network-based capabilities and keeping assets secure from unauthorized access.
Required Abilities
• For an Associate level, a candidate must have a proven track record in school showing original thought, a curious nature, and prowess in system or network security or general system analysis and design
• For the Journeyman and Senior levels, a candidate needs between 2-10 years of solid experience working with at least two of the following: firewalls, VPNs, router/switch ACLs, Unix/Linux administration, and general network security practices
• For a Principal level, a candidate must have a proven track record in industry keeping the largest websites in the world up and running 24x7xForever while rebuffing major attacks AND be able to demonstrate their curious nature and maniacal sense of duty to security, uptime, and reliability and frankly knock the socks off the interview team with their knowledge, skills, abilities, teamwork, and great attitude
• Self starter that is able to seek and prioritize work load
• Ability to multitask and prioritize issues is imperative
• Fast and versatile learner that adapts well to change
• Individuals who are motivated, responsible, and require little supervision
• Individuals must be able to solve simple to moderately complex problems requiring independent thought
• Team player with professional work ethic, positive attitude, and good interpersonal skills is a must
• Ability to work effectively under pressure
Required Skills
• Design, implementation, and operation of network security infrastructure
• Outstanding customer service skills
• Superior oral and written communication skills to interface with customers, third party vendors, business owners, Operations, Development, and QA groups
Required Knowledge (some mix of the following)
• Firewalls & VPNs: Netscreen, Palo Alto, Checkpoint, iptables, Juniper Secure Access, various proxy servers, etc.
• Routers/Switches: Juniper, Brocade/Foundry, Cisco, Arista
• Intrusion Detection and DoS Systems: we'll talk about that later, but bring your experience
• Load balancers: Citrix Netscaler, Brocade/Foundry ADX and ServerIron, F5 Networks, A10 Networks
• System Administration: Linux (Redhat, Centos, Ubuntu, etc), other flavors of Unix, and some Windows even
• Protocol knowledge of: IP, TCP, UDP, HTTP(S), DNS, SMTP, IMAP, etc.
Desired Skills/Knowledge
• Experience in a 24/7 Internet facing production environment
• PERL, Python, and/or shell scripting
• Experience with web technologies such as Tomcat, Apache, Weblogic, PHP, Ruby, LAMP Stack, SOLR, MySQL, MongoDB, CouchDB, etc.
• Advanced understanding of various protocols and ability to secure and tune them for maximum performance under a variety of conditions
Education/Experience
• A Bachelor’s degree in Computer Science or related discipline preferred
• Level of position is commensurate with experience and abilities (Associate - Journeyman - Senior - Principal)
Unique Requirements
This job requires on-call work and on-demand work schedule changes. This job may require limited travel.