Years of Experience: 15-18 Years

Required Duties/Roles

Highly skilled and experienced Senior Network Security Engineer who will play a key role in ensuring the robustness and security of GTA network infrastructure. The ideal candidate should have a proven track record in vendor management, extensive experience in collaborating with external parties like banks and financial institutions for API integration, and a solid background in working with government agencies for seamless integration processes. The candidate should also possess expertise in dealing with GN on integration projects and handling Change Request (CR) submissions and approvals. Proficiency in managing SSL certificates, certificate stores, and overseeing certificate renewals is essential for success in this role. He will be responsible for designing, implementing, and securing the organization's network security infrastructure, ensuring seamless migration and repatriation of data centers. The ideal candidate should have expertise in SD-WAN, IPSec redundancy, and possess hands-on experience in network security technologies. Optimize configurations for cloud services to enhance performance. Fine-tune network parameters for low latency and high throughput. Identify potential risks related to network and security architecture and implement mitigation strategies to minimize their impact. Create comprehensive documentation for the new network and security architecture, migration processes, and configurations for future reference and audits. Project management skills with a proven ability to lead and deliver projects on time and within budget.

Key Responsibilities

• Vendor Management: Collaborate with external vendors to ensure the effective integration of security measures into the network infrastructure. Evaluate and manage relationships with third-party security solution providers.
• API Integration: Work closely with banks and external parties to integrate APIs securely into our network infrastructure. Ensure compliance with industry standards and best practices for API security.
• Government Agency Collaboration: Liaise with backend government agencies to facilitate secure integration processes. Assist in the development and implementation of security measures to meet government regulatory requirements.
• GN Integration and CR Submission: Work on integration projects with GN to enhance overall network security. Manage Change Request submissions for network security improvements and updates.
• SSL Certificate Management: Oversee the management of SSL certificates, including issuance, installation, and renewal. Implement best practices for SSL certificate storage and ensure compliance with security policies.
• F5 and iRule Proficiency: Showcase proficiency in working with F5 technologies, including load balancers and application delivery controllers. Hands-on experience with iRule scripting to customize and optimize traffic management and security policies on F5 platforms.
• Technical Requirements: In-depth knowledge of network protocols, TCP/IP stack, and common network services. Familiarity with security technologies such as IDS/IPS, SIEM, DLP, and endpoint protection solutions. Experience with penetration testing tools and methodologies to identify and remediate vulnerabilities. Proficient in analyzing network traffic patterns and implementing measures to detect and mitigate anomalous activities. Sound understanding of encryption technologies and cryptographic protocols.
• Documentation and Reporting: Maintain detailed documentation of network security configurations, policies, and procedures. Prepare regular reports on network security metrics, incidents, and vulnerabilities for management review.
• Network and Security Architecture:
• Design, implement, and maintain the network architecture for optimal performance and security. Implement and manage security solutions, including NGFW, IPSec redundancy, DNS, PAM, NTP and proxy technologies. Lead the development and enhancement of security policies and procedures. Leading the POC’s and ensure successful delivery of the projects. Assess the current network architecture. Configure and deploy necessary security measures, including firewalls, VPNs, NDR and intrusion detection/prevention systems. Ensure compliance with industry standards and cloud security best practices. Perform regular security audits and monitoring to identify and address vulnerabilities.
• Cloud Migration and Repatriation:
• Lead the migration and repatriation. Plan and execute data migration to and from cloud-cloud or on premise-cloud. Collaborate with internal teams and external parties to ensure a smooth migration process. Ensure security measures are in place during data transfers between cloud platforms. SD-WAN and Network Redundancy: Implement and manage SD-WAN solutions to optimize network performance. Design and implement IPSec redundancy for secure and reliable communication. Ensure high availability and redundancy in network configurations. Expertise in business continuity planning, including the design, implementation, and setup of failover systems, as well as conducting comprehensive failover testing.
• Collaboration and Project Leadership:
• Work collaboratively with external parties and internal teams to achieve organizational goals. Lead projects related to network infrastructure, security, and cloud migrations. Provide technical guidance and mentorship / training and team building exercise to junior team members.
• Technologies:
• Proven and Hands-on experience with F5 LTM, WAF, iRule, F5 policy, and CDN technologies. Configure and manage F5 technologies to enhance application delivery and security. Hand on experience in, cloud Routing Tables, NSG, ASG, ALB, DDOS, Sentinel, defender, and all cloud network security solutions.
  
  

Qualifications

• Bachelor’s degree in computer science, Information Technology, or a related field.
• 10+ years in Network and security administration (cloud and on-premises).
• Proven experience as a Network Security Engineer, with a focus on vendor management and API integration.
• Strong background in collaborating with financial institutions and government agencies.
• In-depth knowledge of SSL certificates, certificate stores, and renewal processes.
• Familiarity with General Networking (GN) and Change Request (CR) processes.
• Relevant certifications such as CISSP, CCNP Security, CCIE, or equivalent is highly desirable.
• Excellent communication and interpersonal skills
  
  

Skills: architecture,cryptographic protocols,siem,gn,encryption technologies,sd-wan,security technologies,ntp,project leadership,industry standards,ssl certificate storage,network redundancy,vendor management,irule scripting,defender,f5 technologies,f5 ltm,nsg,ssl certificate management,certificate renewals,penetration testing,government agency collaboration,ndr,asg,ccie,sentinel,dns,security measures,alb,vpns,intrusion detection/prevention systems,network protocols,documentation of network security configurations,cloud migration,security administration,network infrastructure,ids/ips,waf,ngfw,business continuity planning,pam,documentation,change request (cr),tcp/ip stack,network security metrics,certificate stores,sd-wan solutions,cdn,cissp,ccnp security,cloud routing tables,ipsec redundancy,cloud migrations,cloud security,endpoint protection solutions,general networking (gn),government,irule,network,network security,network security engineer,dlp,change request (cr) processes,f5 policy,api integration,network architecture,ssl certificates,security policies,load balancers,change request management,ddos,firewalls,change request submissions,network and security architecture,renewal processes