Job Description:
This job is responsible for tool and service designs within a technical domain that enable
business strategies in accordance with architectural governance, standards and policies. Key
responsibilities include creating infrastructure tools and their integration as a service,
facilitating deployment of technical solutions by developing templates, playbooks and
automation used during implementation. Job expectations include looking for opportunities
to improve efficiency when implementing and maintaining tools/services and embracing a
culture of innovation and continuous improvement.
Responsibilities:
• Provides subject matter expertise and consulting services on a range of technologies
and assists Technical Analysts and Infrastructure Engineers to ensure that technology
solutions comply with enterprise system design and engineering standards
• Assists with translating business requirements into technical definitions, reference
models, blueprints, and playbooks for deployment in compliance with architecture
standards and policies
• Assists in the evaluation of reference models, blueprints and playbooks to ensure they
are fit for purpose
• Develops software solutions to address manual and repeatable work or inefficient
processes
• Conducts on-site evaluations of third-party products being considered for firm
adoption
• Promotes an inclusive and healthy working environment and helps to resolve
organizational impediments/blockers
• Contributes to the creation/selection of functional and non-functional product
evaluation requirements within and across domains
• To design global enterprise solutions that adhere to information security requirements
while meeting business needs to establish secure network connectivity leveraging
varying proxy, firewall and content inspection systems for malware prevention, data
loss prevention, and forensic analysis
Required Qualifications:
• Mid to senior level expertise in one of the following (in order of desirability):
o McAfee Web Gateway,
o Fortinet and Checkpoint Firewalls,
o TippingPoint IDS/IPS,
o FireEye (NX/VX/CM),
o F5 (SSLO, ASM, ATM),
o F5 LTM, GTM
• Expertise with web proxies for advanced content filtering
• Expertise in malware prevention and data loss prevention systems, including Day Zero
threat prevention
• MUST have extensive knowledge on fundamental networking concepts of DNS, DHCP,
Firewalls. Load balancing, IPS, basic routing/switching; excellent understanding of
TCP/IP and packet analysis
• Expertise in creating Application and network diagrams including all pertinent flows
and decisions.
• Capability to summarize complex issues into executive summaries
• Basic understanding of Cryptography, SSL certificates, SSL decryption / offload
methodologies, HSM/HSMaaS
Desired Qualifications:
• Understanding of cloud encryption and tokenization (i.e., Salesforce topology and
integration of Salesforce / Servicenow clouds with Cloud encryption gateway)
• Expertise in Virtualization, ESXi server management, vSphere, vCenter, vSAN, vMotion
to transform hardware based infrastructure to virtual platforms
• Experience in automation scripts (such as Ansible, Terraform)
• Programming expertise; scripting/automation of various security products
• Understanding of Machine learning, data modeling and perform advanced analytics
• Expertise in Linux, Python, Apache, HTML + Bootstrap, and SQL.
• Leveraging APIs to enhance automation routines.
• 5+ years of overall networking experience
• Familiarity with the following tools and/or platforms helpful:
o Zscaler, Radware, FireEye, Websense, Scansafe, Ironport, , Damballa, Vontu,
Skyhigh, Palantir, Cloudera platforms
o CipherCloud or similar cloud encryption technology
o SEIM tools such as Arcsight, Splunk
Skills:
• Analytical Thinking
• Application Development
• Automation
• Production Support
• Risk Management
• Adaptability
• Business Acumen
• DevOps Practices
• Solution Delivery Process
• Solution Design
• Architecture
• Collaboration
• Innovative Thinking