Cloud Firewall Engineer

Morgan Stanley•Edison, NJ

2d•Hybrid

About The Position

In the Technology division, we leverage innovation to build the connections and capabilities that power our Firm, enabling our clients and colleagues to redefine markets and shape the future of our communities. This is a Lead Cloud & Infrastructure Engineering position at Director Level, which is part of the job family responsible for managing and optimizing technical infrastructure and ensuring the seamless operation of IT systems to support business needs effectively. Morgan Stanley is an industry leader in financial services, known for mobilizing capital to help governments, corporations, institutions, and individuals around the world achieve their financial goals. Interested in joining a team that’s eager to create, innovate and make an impact on the world? Read on. The Network Security Department implements the security strategy required to build secure infrastructure enabling rapid introduction and adoption of both new product capabilities and integrated security solutions. The global Firewall and Network Access Control Fleet is the team within Network Security Department that keeps the Morgan Stanley Security Infrastructure functioning without interruption and responds to requests and outages. On a 24x7 basis, it is responsible for client requests, security incident notifications, event management and day-to-day operations and monitoring of the Morgan Stanley Global Security Infrastructure. This resource is required for immediate and long-term support of the ownership and management of Google Cloud Platform (GCP) cloud-based firewalls by the Network Security team. The individual will be responsible for leading the evaluation of cloud firewalls in the greenfield GCP environment, communicating and coordinating with external vendors and internal technology focused teams, helping to design, deploy, and integrate the GCP cloud firewalls into BAU MS systems and processes, and leading the Firewall Fleet in the ongoing operational stability, regulatory compliance, and risk mitigation of the GCP cloud firewalls. The position is fast-paced, dynamic, and challenging, where a varied combination of technical skills and soft skills allows for the development of a well-rounded professional. This position is to be part of a global team (chiefly based in New York, Montreal, Glasgow, Hong Kong, and India) reporting to a global Network Security lead in North America. This is a hybrid onsite role – minimum 3 days a week in office. Long term work from home / virtual is not an option.

Requirements

Minimum Five years of network security administration experience preferably in the Financial Services sector.
Bachelor’s Degree in Computer Science or IT equivalent to the job description is required.
Knowledge and experience in cloud environments, with particular focus on Google Cloud Platform (GCP)
Knowledge and experience with common network security solutions (e.g. firewalls, Virtual Private Networks (VPNs), Network Address Translation (NAT), etc.)
Knowledge of packet filtering and stateful packet inspection
Scripting in any of the popular languages or tools (e.g. shell scripts, Python, Ansible, Github, Data pipeline, integration with third party vendor APIs)
Knowledge of fundamental on networking (e.g. routing, switching, VLANs, etc.)
Experience with host security (e.g., iptables, host-based firewalls)
Familiarity with Change Management and incident response techniques
Active interest in IT Security and general knowledge of Information Security
Excellent written and oral communication skills; fluent English is required
Strong interpersonal and communication skills; capable of writing documentation, making presentations to internal audience, and interacting positively with management, colleagues and customers
Independent problem-solving, highly motivated, and self-directing
Comfortable working in an engineering and support team with potential for heavy end user interaction
Ability to handle constantly changing flow of traffic; remain productive during slow times, be able to multitask effectively during busy times, exercise patience and professionalism during stressful situations.

Nice To Haves

Experience with any of the firewall platforms: Fortinet, Palo Alto, Juniper, etc.
Understanding of networking and routing protocols (e.g. static routing, BGP, etc.)
Strong understanding of networking fundamentals (OSI model, TCP Stack, network design)
Experience in customer support and experience in interacting with business users

Responsibilities

Lead the evaluation and design of cloud-based firewalls as part of a greenfield Google Cloud Platform (GCP) environment
Communicate and coordinate designs and documentation with external vendors and internal technology focused teams, including senior management
Lead the onboarding, deployment, and integration of GCP cloud-based firewalls into business-as-usual Morgan Stanley systems and processes
Lead operational support for GCP cloud-based network security solutions (e.g. GCP cloud native firewalls and/or Fortinet / Palo Alto third-party vendor solutions L3 operational support, including incident management and troubleshooting advanced issues and collaborating with technology peers internally and externally (e.g. vendors)
Implement monitoring of products and services to ensure a healthy and resilient infrastructure
Potential for off hour coverage via mobile phone (e.g. as part of an operational oncall system)
Creation/supplementation of operational runbooks
Assist in knowledge transfer (e.g. training global teammates via video recordings)

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume