Description and Requirements
We are looking for Network Engineers with at least 5 years of experience in designing, implementing, and maintaining enterprise-level network infrastructure for one of our key customers in Singapore. The candidate should possess in-depth knowledge and hands-on experience with the following core technologies and their market alternatives:
(a) Load Balancers (Core):
(i) F5 BIG-IP: Advanced configuration and management
(ii) Alternative products: Citrix ADC (NetScaler), NGINX Plus, HAProxy
(iii) Experience in application delivery, SSL offloading, and traffic management
(b) Network Routing and Switching (Core):
(i) Cisco: IOS, Nexus series configuration and troubleshooting
(ii) Alternative products: Juniper Networks, Arista Networks, HPE (Aruba)
(iii) Proficiency in OSPF, BGP, EIGRP, and VLANs
(c) Next-Generation Firewalls (Core):
(i) Check Point: Configuration, policy management and threat prevention
(ii) Palo Alto Networks: Configuration, policy management and threat prevention
(iii) Alternative products: Fortinet FortiGate, Cisco Firepower
(iv) Proficient in On-Premise firewall equipment and Cloud firewall instances
(v) Proficient in dynamic routing protocols
(vi) Experience in implementing zero-trust network architectures
(d) Cloud Network Security (Core):
(i) Azure Firewall: Design and implementation in Azure environments
(ii) Alternative products: AWS Network Firewall, Google Cloud Armor
(iii) Skilled in cloud-native network security best practices
(e) Application Gateways (Core):
(i) Azure Application Gateway: Configuration and management
(ii) Alternative products: AWS Application Load Balancer, Google Cloud Load Balancing
(iii) Experience in web application firewall (WAF) implementation
(f) Intrusion Detection Prevention Systems (IDPS):
(i) Implementation and management of IDPS solutions
(ii) Experience with products like Check Point, Palo Alto Networks
(iii) Alternative products: Fortinet, Cisco Firepower, Suricata
(iv) Skilled in configuring, tuning, and maintaining IDPS rules and policies
(v) Proficient in analyzing IDPS logs and responding to security incidents
(g) Software-Defined Networking (SDN) (Good to have):
(i) Familiarity with SDN concepts and implementation
(ii) Experience with products like Cisco ACI, VMware NSX, or Juniper Contrail
(iii) Experience in SDA handling the Cisco UCS and Cluster SDN Controllers
(iv) Experience in ACI Configuration and Implementation
(v) Experience in SD-WAN implementation and policy push through Controller.
(h) Network Monitoring and Analytics (Good to have):
(i) Proficiency in using network monitoring tools (e.g., SolarWinds, PRTG, Nagios)
(ii) Experience in network performance analysis and optimisation
(iii) Experience in NetFlow tracing and understanding
(i) VPN and Remote Access Solutions (Good to have):
(i) Configuring and managing site-to-site and remote access VPNs
(ii) Experience with products like Cisco AnyConnect, Palo Alto GlobalProtect
(j) Network Automation (Good to have):
(i) Scripting skills for network automation (e.g., Python, Ansible)
(ii) Experience with network orchestration tools
(k) Network Security Protocols (Core):
(i) Deep understanding of IPSec, SSL/TLS, 802.1x
(ii) Implementation of network access control (NAC) solutions
(iii) Deep understanding and implementation skillset on Tacacs Server.
Required Skills & Qualifications
. Bachelor's degree in IT, Computer Science, or related field (or equivalent experience).
. Singaporean, due to Security Clearance requirement.
. Minimum of 5 years of hands-on experience.
. At least Cisco Certified Network Professional (CCNP)
. Experience with deployment and support of Cisco SDWAN, Cisco ACI, F5 load balancers, Checkpoint or Palo Alto Firewalls
. Experience with performing CIS hardening on network devices, perform security assessment and remediation.
. Familiar with ITIL best practices and processes
. Good knowledge of networking (IP addressing, routing, VLANs)
