Network Security Engineer
The successful candidate will be a subject matter expert with hands-on experience in a wide range of Network security technologies, tools and methodologies.
This role will help engineer, automate, implement, and operate new and emerging technologies across infrastructures supporting perimeter security, DMZs, firewalls, proxies, intrusion detection, vulnerability scanning, and overall network security across the entire technology stack to support the Information Security Program (ISP). The candidate will perform periodic and on-demand system audits and vulnerability assessments on the perimeter to identify security vulnerabilities as well as develop and manage remediation.
The team fosters a collaborative environment and is building a best in class program to partner with the business to protect the Firm’s information and computer systems.
- Lead, implement and manage key monitors for network security controls to ensure appropriate security posture across the perimeter networks.
- Able to demonstrate clear understanding of current risks and threats to Network infrastructure and perimeter at technical and managerial levels.
- Provide security consultancy and engineering support for Network Security for Infosec team.
- Engineering and auditing of security standards for all DMZ (perimeter security), layer 4-7 network technologies, and network access and controls.
- Implement automation where possible for perimeter security technologies to remediate vulnerabilities, identify gaps, or create alerts and reporting.
- Liaison with key stakeholders to create and enforce Network Security policies including Technology organization, Trading units, Legal, Internal Audit, and Compliance.
- Leverage collected Intelligence to improve success in defending us against and responding to future attacks or intrusions.
- Perform periodic and on-demand system audits and vulnerability assessments perimeter to identify security vulnerabilities.
- Manage remediation efforts for any gaps reported in audits, penetration tests or recommended process improvements.
- Provide support to ensure smooth turnover from Engineering to Production – and provide mentoring to junior level security professionals.
- Develop and maintain documentation of all Network Security products including specific tools, technologies and processes.
- Participate in Information Security Incident Response activities for the Firm’s environment.
- Bachelor’s degree in Computer Science or Engineering preferred. 5 + years experience working in a technical role with a minimum of 3 + years experience focusing on information security in the financial industry (preferred).
- Hands-on technical experience with firewall configuration management and auditing (RedSeal, FireMon), Next Generation Firewalls (Palo Alto and CISCO), Load-Balancers (F5 and NetScaler), and Intrusion Detection/Prevention (Sourcefire, Firepower and DarkTrace)
- Knowledge Proxy deployment security, lifecycle, and operations practices.
- Strong knowledge of TCP/IP and other infrastructure such as DNS, Wi-Fi, virtualization, and others.
- Development, and scripting skills a huge plus (Python, Perl, shell scripting, other)
- Familiarity with hardening standards related to Network devices such as SANS, CIS, and others.
- Knowledge of technologies such as SIEM platforms (Qradar, Splunk, ELK), Cloud Services (AWS, GCP or Azure) and in routing protocols (BGP, EIGRP, OSPF) a plus.
- Possess a passion for Information Security and Networking.
- Able to prioritize in a fast moving, high pressure, constantly changing environment; high sense of urgency
- Ability to communicate and collaborate across teams.
- At least one security certification (CISSP, GCIA, CISM, etc.)
|Job Category||Full Time|