Network Security Engineer

Direct Responsibilities • Monitor and control tasks to ensure IT Governance on Network Security processes are executed correctly • Design, validate, implement and document end-to-end processes workflows on security implementations • Handle internal customer inquiries with firewall consultation and troubleshoot technical issues effectively. • Ensure to complete the deliverables for global projects within the scope of ProdSec – Network Security • Implement the network segmentation concepts to achieve Zero-trust network solutions and micro segmentation solutions • Implement firewall rules and troubleshoot when incidents occur. Participate in update/upgrade/migration of security tools used by the team • Manage Zero-Day web-security vulnerabilities and lead security-operations activities. • Analyze web-security policies and signature updates, assess risk to banking applications, and recommend mitigations. • Liaise with external vendors for technical support and new-project solutions. • Identify process improvement opportunities and automate or finetune workflows using existing or new tools. • Participate in update/upgrade/migration of security tools used by the team. • Maintain clear and functional documentations on process guides, technical instructions, etc. • Support additional tasks and initiatives within the Network-Security team as required.

Contributing Responsibilities • Participate in the Permanent Control framework, helping to embed policies and procedures (e.g., Control Plan) into daily operations. • Assist with Internal-Audit response activities. • Contribute to the enhancement of Production-Security tools used for tracking and managing security incidents.

Technical & Behavioral Competencies Technical • Bachelor’s degree in computer science or a related field • At least 5years of experience in the IT Security domain, experience in Network Security skills is most preferred • Proficient in Microsoft office products and ServiceNow. • Strong fundamental understanding of Network Security, Network and Micro-segmentation and its real-world applications • Must have knowledge on the Firewall Rule coding and Rule analysis on the FortiGate / FortiManager, Checkpoint R81.10 or R81.20 Smart console • Hands-on experience in firewall filtering mechanisms and must be good in understanding far-end coding and Zero-trust network principles • Experience in Illumio PCE Version 24.X and implementation of micro-segmentation with label-based policy implementation will be highly preferred • Handle the WAF operations – signature updates, enforcements and review the application security events and take appropriate actions in strengthening application security policies.
• Working experience on F5 ASM, Broadcom AVI Nextgen Load balancing/ WAF module is recommended • Proficiency in writing programming/scripting languages (Python, PowerBI, any other language) is a plus • Experience in handling production issues and collaborate with other operational teams and drive for the root cause analysis • Extend the support in the off-business hours to fix any production impacting security incidents

Behavioral • Organized and self-motivated, autonomous • Curious and highly implicated in IT Security • Service-oriented • Experience in Project management, must be able to work in dynamic, rapidly changing environments.

Specific Qualifications (if required) • Any Firewall/NAC Certification, WAF and Any relevant Security Certification.