Job description
Job Purpose:
The network engineer designs, configures, deploys and maintains the comprehensive enterprise network security infrastructure with active participation in security reports and audit responses ensuring the bank is compliant with all applicable regulations.
Job Responsibilities/ Accountabilities:
Design, configure, deploy, and maintain the state enterprise network security infrastructure
Analyse problems, recommend solutions, products, and technologies to meet business objectives.Evaluates and performs planning, testing, and implementation of software and hardware upgrades.
Actively protect bank information technology assets and infrastructure from external or internal threats and ensure that the bank complies with statutory and regulatory requirements regarding information access, security and privacy.
Implement firewall solutions to properly secure bank data and provide consultation on all new firewall implementations, firewall configuration changes, and projects requiring security operational support.
Assist the end-user, other IT professionals, and external customers in requesting security variances and implementation of subsequent configuration change requests.
Recommend best security practices to achieve stated business objectives, advises on risk assumptions for any variances granted, and provides alternatives to achieve desired end results
Assist in incident response for any breaches, intrusions, or fraudulent activities.
Monitor systems for any anomalies, proper updating, and patching. This includes issues raised by information security teams.
Maintains system documentation and configuration data for regulatory and audit purposes.
Coach and guide Service Desk and Desk Side Support technicians in their incident response, directing incident first responder actions, and appropriately escalating issues.
Essential Knowledge
Good working knowledge and with basic experience of computers, servers, storage, operating systems, programming and generally good knowledge of the OSI model layers.
Demonstrated understanding of network implementation concepts including switching VLANs to segmentation, routing, IP sub-netting, unicast, multicast, broadcast, , DHCP, access control lists, routing protocols, encryption, authentication, and/or IP packet forwarding.
Mandatory knowledge and minimum five years experience in networking technology especially routing and switching technology facets of design, build, configuration and troubleshooting.
Working experience with design, implementations & Support, of infrastructure support system such as directory systems e.g. Active Directory, DHCP, DNS, NTP, PKI, virtualization.
Detailed knowledge and experience with Open Short Path First (OSPF), Enhanced Interior Gateway Routing Protocol (EIGRP), and Border Gateway Protocol (BGP), MPLS.
Direct work experience with the design and implementation of 802.11 wireless networks.
Working knowledge with one or more of security equipment namely Next Gen Firewalls, Web Application Firewalls, Intrusion Prevention Systems, Identity Services Engine,
Packet Shaping, Web Gateways (proxies) e.g. Checkpoint, Palo Alto, Source fire, Juniper, F5.
Key Critical Competencies
High personal integrity, self-motivation, accountability.
Strong grasp of technology impact on business awareness.
Excellent and effective communications skills, both orally and in writing.
Able to work independently, without direct supervision.
Strong technical, analytical and problem-solving skills in a complex environment.
Well-developed system architecture planning, design implementation and support skills.
Customer service and results oriented attitude with excellent interpersonal skills.
Ability to quickly learn, work effectively within a business or technical team.
Culture sensitivity.
Requirements:
Bachelor’s/Masters Degree in any computing discipline (Science/Engineering), from an accredited institution.
Industry accepted Certification or equivalnet from Technologies providers such as Cisco, Checkpoint, F5, Brocade, HP, Oracle, e.g. CCNP/CCIE Routing & Switching, Security, CCSA/P/E, f5-CTS,N+,A+
Strong knowledge of data, security, & operations regulations and their application including ISO, HIPAA, PCI-DSS and other applicable regulations
