Frontier Airlines is committed to offering ‘Low Fares Done Right’ to more than 60 destinations in the United States, Dominican Republic and Mexico on more than 270 daily flights. Headquartered in Denver, Frontier’s hard-working aviation professionals pride themselves in delivering the company’s signature Rocky Mountain hospitality to customers. Frontier Airlines is the proud recipient of the Federal Aviation Administration’s 2015 Diamond Award for maintenance excellence and was recently named the industry’s most fuel-efficient airline by The International Council on Clean Transportation (ICCT) as a result of superior technology and operational efficiencies.
The Sr. Network Security Engineer is part of an IT Security team that designs, implements, maintains, troubleshoots and audits the security of our network infrastructure, firewalls, IPS, servers, system-monitoring platforms, Anti-Virus, URL Filtering and PCI environments, in addition to maintain the Citrix VPN and application delivery system. The candidate will also be asked to perform penetration tests on external and internal systems, including application penetration tests.
- Firewall, IPS, VPN Implementation, Administration, and troubleshooting
- Manage, monitor and correlate SIEM environment for alarms and anomalies
- Monitoring, correlation and response to system logs and security appliances
- URL Filtering and Proxy monitoring, management, administration and troubleshooting
- Spam, and Content monitoring and management for email
- Anti-virus, malware monitoring and management
- Understand and have experience with PCI & SOX compliance
- Security Network Architecture
- Risk Assessments, vulnerability testing
- Internal audits against company Security Policies and regulatory requirements
- Implement and manage company Security Awareness training
- Implement and manage Security Vulnerability Management program
- Designs, implements, maintains, troubleshoots and audits the security of our network and information security infrastructure, firewalls, IPS, servers, system-monitoring platforms, Anti-Virus, URL Filtering, Identity management, VPN (Site to Site, Clientless and Client) and PCI environments
- Analyze network data for security flaws
- Provide regular status updates to management regarding ongoing projects, maintenance and systems support
- Perform necessary investigation, analysis and evaluation to determine project feasibility
- Recommend process improvements for a secure environment
- Maintain an understanding of industry trends and their impact on the company
- Maintain abreast of current and vulnerabilities and security concerns and their impact on the company
- Strong experience with Microsoft Azure security
- Assist in defining the security strategy and integrating regulatory compliance requirements (e.g., PCI, SOX) into the organizational security roadmap.
- Other duties as assigned
- Expert knowledge of Firewall management and deployment
- Broad and thorough knowledge of security systems and devices
- Proven application delivery for advanced traffic management experience
- Demonstrated and knowledgeable VPN deployment experience
- URL Filtering and troubleshooting experience is a must
- Ability to troubleshoot network/system related issues and effectively manage components in a production environment is critical.
- Ability to learn new systems and devices quickly
- Ability to deploy and manage complex internet and security related infrastructures.
- Able to work independently and with a team of peers and other departments
- Knowledgeable in penetration testing and vulnerability assessments and remediation
- Ability to remain organized at all times and to elicit cooperation from a wide variety of sources including team members, and other internal departments.
- Able to make accurate work estimates and deliver project within scheduled and budget constraints
- Good written and verbal communication skills
- Experience with Windows, Linux, and TCP/IP is required.
- Proficiency in network traffic analyzing and packet analyzing is desirable.
- Experience with network products and end user support is desirable.
- Preferred industry certifications include: SANS, CISSP, CISA, and PCI-DSS.
- Willing to work more than 40 hours and some weekends
- Willing to do On-Call rotation for after hours and weekend support