Crown Cork & Seal, Inc. - Yardley Corporate Office Good Things Come in Our Packages… Crown Cork & Seal, Inc. is a Fortune 500 Manufacturing Company with a rich history dating back to 1892. As a global leader in the packaging industry, we operate in over forty-five countries with more than two hundred plants. Our commitment to excellence is reflected in the trust that the largest consumer products companies place in Crown for their packaging needs. Join us and be part of a team where over 20,000 employees trust their careers to our innovative and dynamic organization. Systems Integration Specialist Description As the Systems Integration Specialist at Crown Cork & Seal, Inc., you will play a crucial role in our IT network and support team at the corporate office in Yardley. Your responsibilities will encompass a wide range of hardware, networking, and application technologies, as well as proficiency in scripting and web development. As a member of a team of 12 IT network and support staff, you will be at the forefront of ensuring seamless operation and continuous improvement of our firewall solutions, cloud infrastructure, Exchange environment and EDI operations. Responsibilities • Support and optimize PC and server networks leveraging Cisco technologies including routers and switches, in a fully converged WAN data network with primary DMVPN and Cellular backup connections. • Facilitate inbound connections through VPN links and Citrix NetScalers/Access gateways. • Oversee the implementation, configuration, and support of Microsoft technologies, including but not limited to Windows Server, Active Directory, and Microsoft Office Suite. • Aid telecommunications projects aimed at improving or expanding the current infrastructure while managing cost controls. • Monitor and identify capacity and performance issues, conducting research on emerging products, services, and protocols. • Provide on-call technical support as needed. • Install state-of-the-art IT equipment and provide guidance to team members. • Act as liaison between network group, applications development group and IBMi operations groups to provide complete end-to-end support for EDI functions. Position Requirements Formal Education & Certification • College degree in a related field and/or 8-10 years equivalent work experience dealing with IT vendors and network providers. • Certifications in IT infrastructure, Microsoft technologies, and Cisco technologies are a plus. Knowledge & Experience • Working technical knowledge of Microsoft technologies, Cisco routers/switches, Palo Alto firewalls, and Avaya Aura systems. • Proficiency in managing a fully converged WAN data network using Meraki SD-WAN infrastructure. • Strong knowledge of VPN and protocols used in EDI transmissions and user connectivity. • Hands-on experience with the configuration/installation, implementation, maintenance, and tuning of IT equipment. • Knowledge of infrastructure monitoring applications such as SolarWinds and WhatsUp management tools. • Familiarity with Microsoft Office applications including Outlook, Excel, and Word. Personal Attributes • Understanding of the organization’s goals and objectives. • Strong interpersonal skills, oral communication skills, and proven analytical and problem-solving abilities. • Highly self-motivated and directed. • Ability to conduct research into IT issues and products as required. • Strong customer service skills and the ability to work in a team-oriented, collaborative environment. Work Conditions • Office environment with occasional on-call availability as needed to solve problems. • Occasional inspection of cables and wiring. • Occasional visits to data centers to administrate, repair, install, or decommission IT equipment. • Regular lifting and transporting of moderately heavy objects, such as IT equipment and peripherals. Proficiency Requirements: As Systems Integration Specialist, candidates should demonstrate a high level of proficiency in the following key areas: 1. Network Infrastructure: • Design and Architecture: Demonstrated expertise in designing, implementing, and maintaining robust and scalable network infrastructures. Knowledge of DHCP and DNS protocols. • Routing and Switching: Knowledge of routing protocols (e.g., OSPF, BGP) and switching technologies (e.g., HSRP, LACP, VLANs/SVIs, 802.1q), with the ability to optimize network traffic. • Network Security: Proficiency in implementing and managing network security measures, including firewalls, intrusion detection/prevention systems, and VPNs. Proficiency with packet capture tools a plus. • Quality of Service (QoS): Experience in implementing QoS policies to prioritize and optimize network traffic based on business requirements. 2. Server Infrastructure: • Architecture and Design: Strong understanding of design and administration of merged physical and virtual server environments. • Configuration: Configure and administrate physical and virtual servers using iLO, iDRAC, Hyper-V and VMWare • Hardware: Familiarity with HP and Dell server hardware; past and current generations • Software: Familiarity with Windows Server 2008/R2, 2012, 2016, 2019, 2022, System Center, Failover Cluster management, and PowerShell scripting. • Storage: Familiarity with SAN, NAS, and backup/dedupe technologies such as Lefthand, Dell Data Domain, IBM Power Vault, and Cohesity backup/recovery solutions. 3. Active Directory: • Architecture and Design: Familiarity with the architecture and design of Active Directory environments, including forest and domain design, replication, and trust relationships. • User and Group Management: Proficiency in managing user accounts, groups, and organizational units within an Active Directory environment. • Group Policy: Experience in designing and implementing Group Policy Objects (GPOs) for centralized management and configuration of network resources. 4. Certificate Services: • Public and Private Key Infrastructure: Knowledge of Public Key Infrastructure (PKI) concepts and hands-on experience with the implementation and management of Certificate Services. • SSL/TLS Certificates: Experience in managing SSL/TLS certificates, including issuance, renewal, and troubleshooting certificate-related issues. • Security Protocols: Familiarity with security protocols such as HTTPS, TLS, and their integration within the overall network security strategy. 5. Power Platform Fundamentals: • Power BI: Understanding and experience with Power BI for data visualization, reporting, and business intelligence. • Power Apps: Proficiency in creating custom applications using Power Apps to streamline and automate business processes. • Power Automate: Knowledge of Power Automate for designing automated workflows and integrations between different applications and services. 6. Azure/Entra ID: • Cloud Services: Experience with Microsoft Azure, including proficiency in deploying and managing cloud services, virtual machines, and storage solutions. • Identity and Access Management: In-depth understanding and hands-on experience with Azure Active Directory (Azure AD) and Entra ID for efficient identity and access management in cloud environments. • Security and Compliance: Knowledge of Azure security features, compliance standards, and the implementation of security best practices. 7. Wi-Fi Technologies: • Wi-Fi Standards: Knowledge of Wi-Fi standards (e.g., 802.11ac, 802.11ax) and the ability to leverage the latest technologies for enhanced wireless performance. • Security and Authentication: Proficiency in implementing wireless security measures, such as WPA3, and configuring authentication protocols to ensure a secure Wi-Fi environment. 8. Cybersecurity Strategy, Planning, and Design: • Risk Assessment: Conduct comprehensive risk assessments to identify and evaluate potential cybersecurity threats and vulnerabilities. • Strategic Planning: Work with infosec team to develop and implement a robust cybersecurity strategy aligned with the organization's goals, considering the global and dynamic nature of the corporation. • Network Security: Design and implement secure network architectures, incorporating firewalls, intrusion detection/prevention systems, and VPNs. 9. Incident Response and Management: • Incident Handling: Lead incident response efforts, including detection, analysis, containment, eradication, and recovery from cybersecurity incidents. • Post-Incident Analysis: Conduct thorough post-incident analysis to identify root causes and enhance the incident response plan. 10. Identity and Access Management (IAM): • IAM Policies: Develop and enforce IAM policies, ensuring that access controls are aligned with the principle of least privilege. • Multi-Factor Authentication (MFA): Implement MFA solutions to enhance the security of user authentication processes. 11. Security Technologies: • Endpoint Protection: Implement and manage advanced endpoint protection solutions to secure devices across the organization. • Security Information and Event Management (SIEM): Utilize SIEM tools for real-time monitoring, correlation of security events, and proactive threat detection. • Advanced Threat Detection: Implement advanced threat detection technologies to identify and respond to sophisticated cyber threats. 12. Compliance and Auditing: • Regulatory Compliance: Ensure compliance with relevant cybersecurity regulations and standards applicable to a large global corporation. • Regular Audits: Participate in internal cybersecurity audits and assessments to evaluate the effectiveness of security controls. 13. Electronic Data Interchange (EDI): • PaloAlto Firewalls (architect) • Global Protect VPN/Prisma Access (architect) • Shell scripting, Python (e.g., web scraping to support Palo Alto firewalls for external blocklists) • TCP/IP (core & management services DNS, DHCP, SNMP) • TCP/IP (end user services FTP, HTTP, SMTP, SSH, Telnet) • SSL/TLS Certificates • EDI - Supported infrastructure -Hardware, Firewalls, Servers, safe-lists for EDI trusted partners • EDI - Supported Applications - AS2/FTP/SFTP/SSL for secure B2B transactions, Trusted Link, OpenText Liaison/BizManager Communications Software • Experience with IBMi iSeries applications a plus.