Job Opening: Threat Prevention Engineer

Job Description:

The APAC Network Services organization is seeking a talented Threat Prevention Engineer to join the DMZ Security team. This role will provide technical expertise and guidance within the Perimeter Security and Threat Prevention (network web proxy and malware detection technologies) domains through the delivery of consulting services for internal clients and projects. As part of the consulting function, the consulting engineer will ensure compliance with security standards, design principles and best practices.

Position Summary:

The Threat Prevention Engineer will provide subject matter expertise and consulting to high-profile projects, services, and strategic initiatives to achieve targeted objectives and protect the firm. The individual must be able to analyze and understand a variety of existing and evolving business requirements, interface with technology engagement teams, and provide best-in-class Threat solutions that meet business and technology requirements.

The candidate must be a strong, engineering-minded individual with polished collaboration, written, and communication skills and a proven track record of interacting with various levels of management, clients, and technical team members in delivering Perimeter and Threat technical solutions.

Key Responsibilities:

Primary responsibilities will be to provide technical consulting for Threat Prevention (Web Proxy) solutions, perform traffic analysis, and translate business requirements into PAC file, proxy policy and/or firewall/load balancing policy designs. In addition, the engineer will participate in the Threat Prevention infrastructure build, migration and upgrade initiatives that are rolled out globally each year. The candidate must be a good team player who can interface with multiple stakeholders across the project teams, manage multiple project engagements, work independently, and manage multiple deadlines and priorities among a diverse set of applications and requirements.

Lastly, this engineer will also be a Level 3 point of escalation and technical support for complex change implementations and major incidents related to the Threat Prevention domains.

Required Skills:

  • 7+ years of hands-on experience with large-scale, complex network/DMZ environments, preferably in the banking and finance industry
  • Strong technical knowledge of and hands-on experience with network web proxy or content filtering technologies, including McAfee WebGateway
  • Experience with proxy PAC file engineering, network firewall policy/NAT engineering, DLP and malware scanning, and local and site load balancing technology is an advantage
  • Strong expertise in networking and network security protocols including HTTP, HTTPS, SSH, FTP, SOCKS, PAC files, DNS, NTP, ANYCAST services, and others
  • Experience reporting, searching and/or dashboarding data in Splunk
  • Advanced networking troubleshooting skills and incident triaging including taking and analyzing traffic packet captures, policy research, traffic logs and system log reviews
  • Strong analytical, troubleshooting and problem-solving skills and ability to collaborate with other technical areas to define complex configuration designs
  • Experience in incident support, including managing high severity/urgent incidents and incident triaging with other network teams and vendors
  • Excellent customer facing communication skills for customer support and knowledge of ITIL best practices
  • Must be able to communicate at different organizational levels including senior management to provide status updates, deliver requirements and report details at the correct level
  • Willing to work some irregular hours based on the needs of project deployment windows and the location of clients

Desired Skills:

  • B.S. degree in Computer Science, Engineering, Business, or equivalent preferred, with 7+ years of proven experience in Network Security or CyberSecurity environments
  • Experience in Web Content filtering and Threat Prevention technologies such as Bluecoat Proxies, McAfee WebGateway proxies, F5 LTM, F5 SSLO, FireEye, Vontu, McAfee DLP, VMware NSX defender or similar solutions is highly desired
  • Knowledge of web connectivity and proxying technologies, WCCP/ITD, explicit or transparent proxy, reverse proxy
  • Knowledge of authentication protocols such as LDAP, Kerberos, IWA, IWA-direct, SSO, Active Directory
  • Ability to manage and manipulate large data sets, databases, and reports with high attention to detail and data accuracy
  • Experience with ITIL processes such as change management, request management and incident management is preferred
  • At least one professional level certification in Web Content filtering technologies, Network Security or Networks such as CCNA Security, CCNP, BCCPA, BCCPP, CISSP, CISA, CCSP, CEH