AVP / Senior Associate, Firewall Engineer, Technology Services, Technology and Operations
Group Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Bank's operational processes and inspire to delight our business partners through our multiple banking delivery channels. Responsibilities
Administration and management (technical operations) of firewall infrastructure Evaluate and upgrade firewall hardware and/or firmware Coordinate with vendor, deploy, configure and manage Firewall devices according to system engineering design. Coordinate with information security governance team to align IT infrastructure with established standards. Ensures system compliance with all established information security policies Perform period health check and tuning of firewall devices. Performs technical assessment of any non-well defined or complex firewall change requests prior to implementation. Performs regular review of firewall rulebases and recommend necessary optimization actions Assists Level 1 Support Engineers during problem determination and resolution whenever necessary. Planning and recommending overall improvements in firewall management Device Access management Advanced troubleshooting production problems with RCA and fault diagnosis Performance and historical trend analysis Implements changes to firewall infrastructure hardware in order to correct errors or enhance functionality Develops processes for improving operational efficiencies, as well as identifies/implements automation tools for existing manual processes. Prepares technical reports, memoranda, and instructional manuals as documentation of network design and operational requirements. Management of network daily activities; incident and problem management Responsible to work with respective team members on the review of network architecture and design Responsible to work with the respective server and application teams' members Responsible to work with the respective network vendors' teams for the trouble-shooting, identification and resolution of network problems Responsible for network devices, as well as appliances, vulnerability review and assessment. Responsible for network devices, as well as appliances, change implementation review and assessment Responsible to conduct pre / post implementation plan review Responsible to conduct and train Level 1 engineers, i.e. to empower and equipped the L1 engineers with the knowledge to run and maintain Data center network Coordinate with information security governance team to align IT infrastructure with established standards Change requests prior to implementation. Advanced troubleshooting production problems with RCA and fault diagnosis Design and monitor operations metrics on a monthly basis to keep track of key operation metrics Ready to work in shifts including public holidays Ready to be on call for 24x7 support during shifts Requirement
Experience: Minimum 8 years firewall operations and/or management role Education: Minimum Bachelor's degree in engineering or science Certification : CCSA, CCSE, JNCIA-FWV, JNCIA-SEC, JNCIS-SEC (Preferred but not mandatory CISSP, CISM, ITIL Foundation) Checkpoint Firewalls, Juniper Netscreen / SRX Firewalls, VPN Technologies, DNS, NTP, 2 Factor Authentication technologies. Strong verbal, written, interpersonal communications in English skills. Ability to work independently or as a team player. Experience in highly complex data center network design and support Experience with Cisco and Arista products specially DCI technology Experience with Cisco and Arista Software Define network (ACI, DNAC, etc) Strong hands on experiences on Fabric Patch, OTV, VPC+, Vxlan, Mlag, MP-BGP Knowledge and experience in employing and using various networking trace tools, i.e. Sniffer, Wireshark, riverbed net profiler, NetBrain, Gigamon and etc. Pro-active, dynamic and with good analytical/conceptual thinking. Certifications such as CCIE or above level in networking is an advantage Python or Linux shell scripting skill is a plus Apply Now
We offer a competitive salary and benefits package and the professional advantages of a dynamic environment that supports your development and recognises your achievements.