Senior Network Security Technology Engineer Contract

Senior Network Security Technology Engineer Job Description

Roles and Responsibilities
We are looking for a Senior Network Security professional with wider skill set across:

• Network security,

• Networks and virtualization (Private Cloud)

• Networks

The candidate should be able to demonstrate stronger skill set and experience in network security

domain, while having a good knowledge and understanding of the network technologies in general.

The Challenge

The candidate is expected to work on a new DC data center project focusing on network security

domain. The deliverables will require the candidate to take part in initial DC design discussions, HLD,

LLD. The candidate is not expected to lead the design phase but contribute towards the design from the

network security domain perspective as one of the key stakeholders in the overall DC design.

The new DC will be built using a private cloud virtualization platform either (VMware or OLVM)

depending on the final design. The incumbent is expected to hold good understanding and knowledge of

virtualization technologies at a high level. Any virtualization experience would be very helpful.

This opportunity is a mixture of design and hands-on role, which requires the candidate to be good at

both verticals. (Specially the hands-on part)

Network Security Skills

• Good understanding of network security architecture in enterprise network environments (Zero
trust networks)

• Good understanding of Application layer protocols

• Good understanding of TCP/IP protocol and its troubleshooting from a network security
perspective

• Good understanding of DDOS attacks and awareness of DDOS mitigation controls and tools

• Good understanding of IPS solutions, mainly Cisco source fire, Checkpoint IPS

NextGen Firewalls –

• Must have good knowledge and experience of Palo Alto, Checkpoint –

• Good knowledge and understanding of Palo Alto Panorama

• Good knowledge and understanding of Checkpoint security management appliances

• Optional: knowledge and experience of open-source firewalls such as OPNsense, PFsense

• Good understanding and experience of managing multi-factor authentication

• Good knowledge and experience of firewall management tools (Algosec, Tufin )

• Good knowledge or experience of firewall rules review / remediation-based projects

• Understanding of automation in general, any experience or involvement regarding firewall
policy change automation will be advantageous

Virtualization – Public / Private Clouds

• Good knowledge and experience of private cloud technologies (VMware, KVM, OLVM)

• Understanding of I.T terms, IaaS, PaaS, IaC

• Understanding of containers, Kubernetes PaaS environments in general

• Good to have public cloud experience across AWS, Azure or OCI

WAF – Web application Firewalls

• Good understanding of 3 tier application models

• Good understanding of HTTP and other web-based protocols

• Knowledge and experience of implementing F5 Big-IP LTM / GTM and ASM WAF features for
financial or other large organizations

• Optional: awareness and knowledge of other cloud based or on-premises WAF solutions

Web Proxy –

• Knowledge and experience of managing Bluecoat web proxy, DLP, web isolation, AV or any
other security controls

• Good to have knowledge and experience of Zscaler web proxy solution

Networking Skills (Routing/Switching)

• Good high-level understanding of network architectural designs (legacy 3-tiered model vs
leaf/spine)

• Good understanding of OSPF / BGP routing protocols

• Load balancers skills (Big-IP F5 knowledge/experience or any other opensource load balancers
(Haproxy, traefik etc.)

• Good understanding of CDN based service delivery using Akamai or Cloudflare

Governance:

• Good understanding and experience of change management within a major global Financial
Organization

• Good understanding and experience of ITIL framework relevant to incidents and
problem management

Management / Monitoring:

• Good understanding of industry best practices to plan and configure baseline configurations for
network security devices

• Good understanding of device monitoring via SNMP/ICMP using Solarwinds, NAGIOS, Icinga or
other similar NMS tool

Soft-Skills:

• Stakeholder management

• Self-leadership

• Effective Communication

• Transparency

• Sense of ownership

• Attention to details

• Willingness to progress