This site uses cookies. To find out more, see our Cookies Policy

Principal Network Security Engineer in Roanoke, VA at Advance Auto Parts

Date Posted: 4/5/2019

Career Snapshot

  • Employee Type:
  • Location:
    Roanoke, VA
  • Career Type:
  • Experience:
    Not Specified
  • Date Posted:

Career Description

Job Description

Infrastructure Security Engineering establishes and maintains an effective security posture across the Advance Auto enterprise. ISE works to maintain network and system security and resilience through the implementation of hardware, software, and security best practices.  ISE is responsible for the AAP's infrastructure security architecture, engineering and operations.
Primary Responsibilities

  • Change Management peer review senior engineer guidance. 
  • Participate in weekly meetings with team to review planned changes, provide feedback, and plan release of changes according to release calendar.
  • Architecture reach-out to Network Services teams and other IT teams to drive awareness with evolution of Network Services architectures.
  • Communication to incident manager or problem manager for major incidents, including drafting and submitting IT Incident Reports.
  • Solution architecture assignment for multiple projects, as designated by manager, with adherence to overall enterprise architecture and network, service and system architecture standards.
  • Documenting architecture of Network Services systems and services throughout enterprise.
  • Evaluation of emerging technologies, with understanding of fit and value within enterprise.
  • Engagement with vendors for emerging solution review, including detailed design, and best practices evaluation.


  • Design Engineering role with top-level escalation support engineering.
  • Planning and Design phases of projects.
  • Architectural integration and technical solution interoperation discovery and planning, including partnering with other IT teams and developing holistic solution design across multiple disciplines.
  • Develop and maintain multiple architectural documentation across Network Services teams, including defining standards for integrations and technical solutions.
  • Overall enterprise Network Services architecture, High-Level Design and detailed technical design.  Including development of functional operation drawings, communication flow drawings, system object and interoperation drawings.

Position Requirements:

  • Solid communication skills.  Consistent communication and keeping requester informed of ticket status.  Ability to translate end-user concerns to technical needs for communication within team or with other IT teams.
  • Good collaboration skills, within team and with others.  The engineer must have the ability to work with others in a collaborative way, sharing his/her ideas/opinions, and be able to comfortably voice opinion, express justification for and accept alternate opinions.
  • Prioritizing operational issues and implementation tasks based on alignment with defined urgency and prioritization guidelines.
  • Must be able to manage requirements gathering, technical definition and task tracking to be successful.
  • Understanding of TCP/IP.  Specifically, how do systems communicate over an IP network, the differences between TCP and UDP communication, and what applications / OS’ / NICs are responsible for in the communication stack.
  • Firm grasp of client application uses (MS Office, Putty, etc).  Understanding of valid use-cases with these tools.
  • Awareness of web applications and use-cases for them.  Understanding of web browser configuration and caching implications on connectivity to web applications.
  • Firm understanding of operation of network firewalls and IPS systems, where they are positioned, and impact they could have on communication between areas of the network.  Able to use event management tools to research and identify complex connectivity scenarios, as well as impact on connectivity due to network firewall or IPS systems.
  • Understanding of enterprise data center services, and interoperation between applications and databases.  Understanding of new technologies introduced into environment, and able to provide guidance regarding solution architecture decisions with those.
  • SME-level knowledge across many technical solutions.
  • Must be able to understand detailed technical systems, how they interoperate, what functionality they provide, and the interoperation of them.  In many cases, that means knowing how things interact and where potential problems may be in troubleshooting issues, but more importantly with design decisions.
  • Must understand key business functions, technical solutions supporting them, and identify potential risks involved with changes or activities that he/she is responsible for.  He/She must be able to weigh the potential impact and identify the appropriate options for resolution with all included considerations.
  • Able to effectively guide other junior engineers, working alongside of them when necessary to show them the key factors to manage throughout their project/task.  The engineer should highlight the key caveats and goals for the related work.  The engineer must have extensive experience with design and implementation of all relevant technical solutions that he/she will be responsible for.
  • Able to review, analyze and translate business requirements into the appropriate technical solution, providing design that adheres to enterprise architecture standards.
  • Ability to develop task-lists for major projects, including developing phases, recognizing LoE, business risk and predecessors / dependencies.
  • Proficient in the configuration, implementation and troubleshooting of Network Access Control Lists, Network IPS Filtering Policies, Internet Access Web-Filtering Policies, Network Access Endpoint Posture and Profile Policies, VPN Client and Point-to-Point technologies, Web-App Firewall and Network Authentication Services (AAA).
  • Ability to understand Layered Security architecture, Security Zone architecture, Enterprise Application Platform architectures, and Stateful Traffic Flow.
  • Understanding of Cisco Routing and Switching including VLANs, Ethernet, WANs, LANs, Spanning Tree, Port Channels, and industry best practices.
  • Ability to understand the 7 layers of the OSI network model.
  • Ability to use industry standard tools and learn Advance Auto Parts specific tools to understand and diagnose issues with the network.
  • The ability to understand IPv4 networks and subnet masks and calculate CIDR boundaries.
  • Able to identify and document the root cause of network issues and outages, as well as recommended after-action changes to prevent further recurrence.
  • Able to open a support case and work with vendor TAC services to resolve open issues.
  • Familiar with different desktop operating systems and tools used by an IT professional.
  • Comfortable with GUI interfaces as well as a CLI interface.
  • Ability to effectively use Network Monitoring tools to isolate and diagnose problems proactively.
  • Can work independently on multiple projects or tasks.