Based in St. Louis, Core & Main is a leader in advancing reliable infrastructure™ with local service, nationwide®. As a specialty distributor with a focus on water, wastewater, storm drainage and fire protection products and related services, Core & Main provides solutions to municipalities, private water companies and professional contractors across municipal, non-residential and residential end markets, nationwide. With over 370 locations across the U.S., the company provides its customers local expertise backed by a national supply chain. Core & Main’s 5,700 associates are committed to helping their communities thrive with safe and reliable infrastructure. Visit coreandmain.com to learn more.

Job Summary

Responsible for day-to-day efforts on Information security risk management for Core & Main, focusing on detailed technology issues.

Major Tasks, Responsibilities and Key Accountabilities

• Extensive experience with Networks firewalls:

  In-depth knowledge of firewall policy management, including security policies, NAT policies, QoS, and application identification.

  Proficiency in troubleshooting firewall issues.

  Experience with centralized firewall management.

  Strong expertise in Cloud networking and security:

  Demonstrated ability to manage and configure cloud policies, network security groups (NSGs), and virtual networks.

  Understanding of cloud architecture and best practices for secure deployments.

  In-depth knowledge and practical experience with Network Access Control (NAC) technologies:

  Experience with design, implementation, and management of NAC solutions.

  Understanding of authentication protocols, authorization policies, and guest access solutions.

  Proficiency in Zero Trust Network Access (ZTNA) policy management:

  Experience with ZTNA policy configuration, application segmentation, and user access control.

  Understanding of ZTNA architecture and troubleshooting connectivity issues.

  Solid understanding and practical experience with Network Segmentation:

  Ability to design, implement, and manage network segmentation strategies.

  Experience with tools and techniques for enforcing network segmentation to reduce attack surface and contain breaches.

  Solid understanding of network protocols and technologies:

  TCP/IP, routing protocols (BGP, OSPF), VLANs, VPNs (IPsec, SSL VPN).

  DNS, DHCP, and other core network services.

  Experience with security best practices and frameworks:

  NIST or other relevant security standards.

  Understanding of common attack vectors and mitigation strategies.

  Scripting and automation skills:

  Ability to automate security tasks and configurations.

  Experience with APIs for security tool integration.

  Excellent troubleshooting and problem-solving skills:

  Ability to diagnose and resolve complex network and security incidents efficiently.

  Strong communication and collaboration skills:

  Ability to work effectively with cross-functional teams and clearly articulate technical concepts.

Preferred Qualifications

• Strong understanding of network security principles and technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and network segmentation
• Experience with cloud-based network security solutions
• Expertise in privileged access management (PAM), including PAM tools and methodologies, such as least privilege, Just-in-Time (JIT) access, and role-based access control (RBAC)
• Proficiency in SIEM technologies and the ability to analyze security logs to identify and respond to potential threats
• Familiarity with IT governance, risk, and compliance (GRC) frameworks, such as NIST Cybersecurity Framework and ISO 27001
• 5+ years of experience in information security, with a focus on network security
• CISSP certification (or equivalent) preferred
• CCSP certification (or equivalent) preferred

#LI-REMOTE

Core & Main is an Equal Employment Opportunity employer. Employment at Core & Main is based solely on a person’s merit and qualifications directly related to professional competence.  Core & Main does not discriminate against any employee or applicant on the basis of race, creed, color, religion, national origin, nationality, ancestry, age, disability, veteran status, pregnancy or related condition (including breastfeeding), affectional or sexual orientation, gender identity or expression, marital status, status with regard to public assistance, citizenship, or any other basis protected by law.

None of the questions in this application are intended to elicit information regarding any protected characteristics, nor imply any limitation, illegal preferences or discrimination based upon non-job-related information or protected characteristics.

For more information, please click here or visit https://www.eeoc.gov