Network Security Engineer

Direct Responsibilities . Monitor and control tasks to ensure IT Governance on Network Security processes are executed correctly . Design, validate, implement and document end-to-end processes workflows on security implementations . Handle internal customer inquiries with firewall consultation and troubleshoot technical issues effectively. . Ensure to complete the deliverables for global projects within the scope of ProdSec - Network Security . Implement the network segmentation concepts to achieve Zero-trust network solutions and micro segmentation solutions . Implement firewall rules and troubleshoot when incidents occur. Participate in update/upgrade/migration of security tools used by the team . Manage Zero-Day web-security vulnerabilities and lead security-operations activities. . Analyze web-security policies and signature updates, assess risk to banking applications, and recommend mitigations. . Liaise with external vendors for technical support and new-project solutions. . Identify process improvement opportunities and automate or finetune workflows using existing or new tools. . Participate in update/upgrade/migration of security tools used by the team. . Maintain clear and functional documentations on process guides, technical instructions, etc. . Support additional tasks and initiatives within the Network-Security team as required.

Contributing Responsibilities . Participate in the Permanent Control framework, helping to embed policies and procedures (e.g., Control Plan) into daily operations. . Assist with Internal-Audit response activities. . Contribute to the enhancement of Production-Security tools used for tracking and managing security incidents.

Technical & Behavioral Competencies Technical . Bachelor's degree in computer science or a related field . At least 5years of experience in the IT Security domain, experience in Network Security skills is most preferred . Proficient in Microsoft office products and ServiceNow. . Strong fundamental understanding of Network Security, Network and Micro-segmentation and its real-world applications . Must have knowledge on the Firewall Rule coding and Rule analysis on the FortiGate / FortiManager, Checkpoint R81.10 or R81.20 Smart console . Hands-on experience in firewall filtering mechanisms and must be good in understanding far-end coding and Zero-trust network principles . Experience in Illumio PCE Version 24.X and implementation of micro-segmentation with label-based policy implementation will be highly preferred . Handle the WAF operations - signature updates, enforcements and review the application security events and take appropriate actions in strengthening application security policies.
. Working experience on F5 ASM, Broadcom AVI Nextgen Load balancing/ WAF module is recommended . Proficiency in writing programming/scripting languages (Python, PowerBI, any other language) is a plus . Experience in handling production issues and collaborate with other operational teams and drive for the root cause analysis . Extend the support in the off-business hours to fix any production impacting security incidents

Behavioral . Organized and self-motivated, autonomous . Curious and highly implicated in IT Security . Service-oriented . Experience in Project management, must be able to work in dynamic, rapidly changing environments.

Specific Qualifications (if required) . Any Firewall/NAC Certification, WAF and Any relevant Security Certification.