Senior Web Security Engineer

About The Position

Requirements

• Moderate-Advance direct experience with Proxy technologies
• Netskope, Bluecoat, Fortinet, PaloAlto, ZScaler, ZPA, SSLi, Cloud DLP, Cloud Sandboxing
• Moderate-Advanced proxy experience required including engineering of flows via proxy and client access for troubleshooting; Netskope, Bluecoat ProxySG Appliance, Netskope or Zscaler experience preferred
• Must know how to integrate external services with proxies via ICAP, proxy chaining, and service offloads
• Moderate cloud security experience across at least a couple of the more cloud providers (Azure, O365, AWS, etc.)
• Excellent understanding and experience designing and implementing Web security solutions
• Good understanding on Web Proxy infrastructure serving various application layer protocols such as HTTP/HTTPs/SOCKS/FTP/ICAP
• Scripting and Development Skills (Perl, Python or Shell)
• Moderate Linux Sys admin experience
• Interpersonal Skills - Communication, flexibility, self-driven, team player
• Strong general networking background (Firewalls, Routing, Load Balancing, OSI Model, Packet trace and analysis, etc.)
• Good understanding of the protocols underpinning the web - TCP/IP, HTTP, SSL/TLS etc.
• Ideal candidate would be able to intelligently dissect all 7 layers of the OSI stack
• Experience working in DMZ environments with good understanding of hardware load-balancing, firewalls, multi-tiered architectures
• Experience implementing or maintaining monitoring for network security infrastructure

Nice To Haves

• Hands-on experience with Fortinet/Fortimanager appliances
• Hands-on proxy knowledge: Netskope, Bluecoat, and/or Zscaler experience preferred
• Hands-on CASB design, architecture and deployment (SkyHigh, Symantec, etc.)
• Knowledge of Data Protection Practices (data at rest, in use, in motion, etc.) and their practical implementations
• Practical knowledge of web malware, its propagation and mitigation strategies
• CISSP or similar recognized cyber security qualifications
• Experience operating in large, siloed enterprise environments
• Project Management Skills with experience on enterprise projects
• Web and database development skills (HTML, JavaScript, SQL, ETL)
• Web Proxy Bluecoat/ZScaler or other major web proxy competitor
• Experience within the financial services industry is preferred

Responsibilities

• Provide Level 3 Operations support for a global perimeter Web proxy and Web security enterprise infrastructure
• Maintain Web security infrastructure, providing stability by developing tools, policies, processes and procedures for the operations teams
• Lead projects, analyze and prioritize workload based on business risk and requirements
• Take ownership of incidents, problems, follow-up actions and manage to resolution
• Plan, review production changes following firm Change Management process and procedure
• Provide Web Security consultancy services to other internal Technology teams
• Provides architecture assurance on Web Security initiatives
• Establish effective working relationships with Engineering counterparts and other stakeholders operating in the Web Security space
• Provide a secure environment, by implementing controls to manage and mitigate risks
• Develop automated metrics reporting capabilities
• Create, review, maintain and update documentation including Documenting & Publishing fixes in our central knowledge base
• Work with global colleagues to provide globally consistent processes and solutions
• Investigate & Troubleshoot root causes when escalated from operations
• Escalate and liaise with additional internal/external groups when required
• Input into Business Continuity Planning and Practices
• Integration and testing, and deployment of Web Proxy technologies with leading network DLP or Malware scanning solutions
• Collaborating with leads responsible for web and application servers, load-balancers and web authentication infrastructure
• Working with colleague subject matter experts in the wider organization who administer networks, logging, application architecture and other complementary technologies
• Drive determination and implementation of security best practice in our web platforms and infrastructure
• Research into vendor and open-source solutions in the web security space, and determination of their place in our overall solution
• Interfacing with technical contacts at external vendor providers and other internal teams to ensure a holistic solution is delivered and enhanced
• Training operations L2 personnel, application support groups in tools, technologies and procedures