The Security Transition and Integration Team is seeking a Perimeter Engineer to support Cybersecurity Release & Deployment (new deployments of Security Systems in support of high-profile projects) and Lifecycle Management Refresh initiatives (Upgrading Hardware and Software to mitigate End-of-Life equipment or Non-Permitted Technologies). While the role primarily has an implantation and validation engineering focus, a strong understanding of design and build principles is required.
Position Summary / Job Description
The Perimeter Engineer candidate will support all technical and strategic initiatives. Responsibilities will be to ensure technical planning and logistics occur to achieve targeted schedules and annual commitment to refresh and build new DMZs are met, while incurring zero impact to the network.
The Individual must possess the ability to analyze and understand a variety of existing and evolving business requirements, interface with technology engagement teams and provide best in class Firewall & IDS solutions that align to meet business and technology requirements.
Candidate will be a strong engineering minded individual with polished collaboration, written, and oral communication skills. Must have a proven track record interacting with various levels of management, clients, and technical team members in delivering technical Perimeter solutions.
This highly dynamic position will require the ability to manage multiple technical project engagements requiring the candidate to be a team player that can also work independently to manage multiple deadlines, priorities and a diverse set of applications and requirements.
- The Implementation Engineer plays a critical role in Release & Deployment project delivery and Lifecycle Management activities. Candidate is responsible for fully understanding various technical requests, vetting the proposed solution, and implementing changes with associated work tasks, which delivers the intended outcome with zero impact to the production network.
- Detailed implementation plans will be reviewed for all designs, pre and post validation procedures, UAT acceptance criteria, and back-out plans. Candidate must understand how designs turn into Implementation, and those Implementations to be based upon standards and predefined runbooks.
- Operate quality assurance functions prior to each implementation to meet engineering standards and mitigate risks. Proactively raise questions and/or concerns to the Design Engineering team to address them prior to change implementation.
- Build and Operate various Firewall platforms (Fortinet, Checkpoint, TippingPoint IDS/IPS), and respective management systems.
- Adheres to work effort and project close-out practices such as database updates, asset tracking, inventory systems, records retention, and the related systems, tools, and process updates.
- Works with Perimeter Security Architecture and Engineering in a “knowledge sharing” capacity in support of adoption of the new technology, systems or process changes. Identify opportunities to improve service delivery and objectively measure the effects of these efforts over time.
- Understanding of the Bank’s Network Infrastructure and associated Risk Management practices are highly recommended to remain successful.
- Knowledge of DMZ Networking and Cisco Routing/Switching is a plus.
Primary Skills Required:
- Must have five plus years’ experience building/operating various firewall platforms including Fortinet and Check Point. Must have Fortinet strong Fortinet experience
- Must have five plus years’ experience with FortiManager, FortiAnalyzer, and Check Point Provider 1 Management Systems (Smartview Manager and Tracker).
- Must have solid experience with IDS/IPS products (i.e. TippingPoint and Fortinet).
- Extremely strong knowledge of network routing/switching (routing protocols, multicast, other LAN protocols).
- Functional understanding of diverse set of networked applications requiring perimeter management solutions, including HTTP, HTTPS, SSH, FTP, DNS, NTP, ANYCAST services, and others.
- Must have DMZ Network infrastructure knowledge including topology, security policies, firewalls and the L2/L3 switch and router infrastructure is required.
- Ability to work nights and weekends as required to support implementation activities.
- Excellent oral and written communication – must be able to communicate at all organizational levels. Strong communication skills to work with senior management to provide status updates, deliver requirements and report details at correct level.
- Strong attention to detail and ability to follow an existing refined process, while also seeking continual improvements. Assess and advise of solutions to improve processes.
- Strong analytical, problem solving, and organizational skills required.
- Proven ability to effectively collaborate with others, make decisions to initiate action, and adapt to change.
- Bank experience highly recommended along with comprehensive knowledge of business unit’s functions.
- Proactively engage to assess readiness and ensure zero impact from changes.
- Leadership skills during technical troubleshooting triages – strong analytical skills.
- In depth engineering experience in perimeter solutions, including the design, low level engineering, and delivery of new hardware systems for client applications across the enterprise DMZ.
- Development and maintenance of High Level and Low-Level Design diagrams/documentation.
- DMZ Network infrastructure knowledge including topology, security policies, firewalls and the L2/L3 switch and router infrastructure is required.
- Programming skills a plus: sh, Perl, Python, Golang, C, C++.
- Administrator level ability with UNIX (Linux or another variant) is highly desirable.
- Bachelor’s degree or 5-10 years of IT experience with Firewalls solutions.
1st shift (United States of America)
Hours Per Week:
Learn more about this role