Executive recruitment company Monroe Consulting Group Philippines is recruiting on behalf of a leading European bank. Our respected client is looking for a Network Security Engineer.
This role is based in BGC, Taguig City and follows a Hybrid setup with on-site reporting twice a week.
Key Job Responsibilities:
- Adapt and maintain standard firewall, load-balancer, proxy and DDI architectures and ensure supporting documentation is accurate.
- Maintain platforms (software and hardware lifecycle management) for all technology described above.
- Identify FW issues related to access policy, NATing rules and routing.
- Troubleshoot issues relating to VPN, both for site to site and user remote access perimeters.
- Support and troubleshoot all requests relative to load-balancing estate, including but not limited to virtual server management, pools and nodes management, protocol profiles customization.
- Internet access request management including additions to proxy whitelist/blacklists, exception waiver process management and follow up, liaison with proxy SMEs when policy section changes or updates required.
- Troubleshoot all internet access reported incidents.
- Manage all DDI related requests that aren't service by automatic systems - some DNS record creation/deletion/updates and DHCP management.
- Troubleshoot all DDI related incidents.
- Ensure that all systems are properly monitored and manage alerts when they happen.
- Ensure that all asset referentials are kept up to date, and manage remediation when reconciliation shows some gaps.
Key Job Qualifications:
Firewalls:
- Advanced knowledge of concepts relating to firewall platforms and related network environments (platform architecture, topologies, protocols.).
- Operational experience of Fortinet and Checkpoint technologies appreciated.
Proxies:
- Strong familiarity of http and ssl/tls protocols, and mastery of concepts related to proxy technology (functional scope and purpose, traffic intermediation and security stack.).
- Operational experience of SkyHigh and Bluecoat technologies appreciated.
Load-balancing:
- Strong familiarity of load-balancing concepts (topologies, platform architecture, load-balancing algorithms & parameters.) and DNS/GSLB load-balancing.
- Experience with F5 technology appreciated.
DNS/DHCP:
- Familiarity of concepts and architectures relating to DNS, DHCP and IPAM.
- Operational experience of Infoblox technology appreciated.
Remote access:
- Familiarity of concepts and protocols related to end-user VPNs (both IPSEC & SSL).
- Operational knowledge of Cisco ASA/FTD platforms appreciated.
Administration:
- Operational knowledge of monitoring software (Zabbix/solarwinds/HPOO/Dynatrace..) and protocols (mostly SNMP).
- Ability to use, repurpose, troubleshoot and possibly develop administration scripts (python, bash, perl).
- Operational experience of Ansible use for automation & deployment.
