Introduction
Our partner is a global leader in the banking sector, serving more than 200 million domestic, corporate, state, and organizational clients worldwide. It was one of the first international shared service centers in Hungary, opening its doors in 2005, presently facilitating services for 95 countries on a global level.
Tasks
This role is a member of the Cyber Security Services Engineering team, which is responsible to work on various large scale security initiatives, architectures, designs, define strategy and vision, influence stakeholders and drive the general security posture along with various peer groups and organizations.
The role is responsible for defining standards and processes for the use of Security Access Control Lists withing the partner's environment, defining framework and designing solutions for assessing the connectivity risks, managing approval workflows and proposing alternatives solutions aligned with the partner's risk appetite.
This position sits within the Global Infrastructure Defense Engineering team, who is responsible to design / develop / test and architect the partner's global network security solutions across the globe.
A Security ACL is a traffic filtering ACL in place of an approved Firewall. The goal of the role is to design and operate a framework for assessing the risk of connectivity, required compensating controls and for approving or rejecting the use of Security ACL in place of Firewall.
Also, in this role you will be proposing alternative solutions aligned with the partner's risk appetite, defining metrics for the framework and reporting the risk posture.
- Defining criteria and standards for the use of Security ACL’s aligned with Company’s risk appetite
- Define metrics for evaluation and reporting connectivity risk
- Define and develop test methodologies and verifications for the effectiveness of Security ACLs
- Design framework and automation for managing Security ACL’s
- Manage approval of Security ACLs
- Own and maintain the product life cycle of the products belonging to the Security ACL’s management solution (software/hardware versions, patch management, vulnerability threat management, End of Support) from an engineering point of view
- Engage with other engineering streams, Architecture forums and partner's businesses to develop solutions to meet current and future operational and security requirements in accordance with Company's certification standards and procedures
- Maintain relationship with key industry partners and vendors in the security field
Expectations
- Experience with multiple security disciplines and to understand layered defense concepts
- Understanding of Cyber Kill Chain
- Familiar with Encryption and key management
- Deep understanding of TCP/IP technologies
- Firewall, IDS/IPS knowledge is required
- Scripting knowledge (Bash or Python)
- Vendor independent, industry-standard based knowledge with threat and risk focused mindset
- Strong understanding of Technology Risk
- Management, and Information Security Principles
- Experience in Firewall and IDPS technologies
- Experience with threat prevention technologies
- Strong technical writing skills and be able to communicate ideas and technical designs clearly to both technical and non-technical audiences
- Leverage functional and business knowledge
- The candidate must be comfortable in working across geographies due to the global nature of the team
Advantages
- Vulnerability assessment or security audit experience
Employer's offer
- Freedom to succeed in a dynamic environment: creative and innovative ideas are encouraged and recognized
- A positive and inclusive work environment in which diversity and cross-regional work-streams are key components
- An environment conducive to developing supervisory/leadership/presentation skills and build a professional network across the organization globally
- Hybrid (office / home office) presence
Tags