Cégleírás / Organisation/Department
This role is a member of the Cyber Security Services Perimeter Security Engineering team, which is responsible for working on various large-scale security initiatives, architectures, and designs, defining strategy and vision, influencing stakeholders and driving the general security posture along with various peer groups and organizations. The role is responsible for defining standards and processes for the use of Security Access Control Lists within our partner environment, defining a framework and designing solutions for assessing the connectivity risks, managing approval workflows and proposing alternative solutions aligned with our partner's risk appetite.
Job Background:
This position sits within the Global Infrastructure Defense Engineering team, who is responsible to design / develop / test and architect our partner's global network security solutions across the globe. A Security ACL is a traffic-filtering ACL in place of an approved Firewall. The goal of the role is to design and operate a framework for assessing the risk of connectivity, required compensating controls and for approving or rejecting the use of Security ACL in place of Firewall. Also, in this role you will be proposing alternative solutions aligned with our partner's risk appetite, defining metrics for the framework and reporting the risk posture.
Pozíció leírása / Job description
...- Defining criteria and standards for the use of Security ACL’s aligned with our partner's risk appetite.
- Define metrics for evaluation and reporting connectivity risk.
- Define and develop test methodologies and verifications for the effectiveness of Security ACLs.
- Design framework and automation for managing Security ACL’s.
- Manage approval of Security ACLs.
- Own and maintain the product life cycle of the products belonging to the Security ACL’s management solution (software/hardware versions, patch management, vulnerability threat management, End of Support) from an engineering point of view.
- Engage with other engineering streams, Architecture forums and businesses to develop solutions to meet current and future operational and security requirements by certification standards and procedures.
- Maintain relationships with key industry partners and vendors in the security field.
Elvárások / Requirements
- Experience with multiple security disciplines and
to understand layered defense concepts - Understanding of Cyber Kill Chain
- Familiar with Encryption and key management
- Deep understanding of TCP/IP technologies
- Firewall, IDS/IPS knowledge is required
- Vulnerability assessment or security audit
experience is a plus - Scripting Knowledge is desired (bash or python)
- Vendor independent, industry-standard based
knowledge with threat and risk focused mindset. - Highly organized
- Leverage functional and business knowledge
- Excellent communication and influencing skills
- Comfortable in working across geographies due to the global nature of
the team
Amit kínálunk / Offer
- opportunity to work on the internal security posture for a large financial company and thus shape the industry overall
- exposure to a broad range of investment technology businesses and products
- access to their world-class testing lab with physical hands-on using hundreds of devices in the IT security ecosystem
- competitive compensation package
- access to our client's huge training database and subscription to external online training
- a socially active team and communities with diverse networking opportunities
- flexible work arrangements
- Paid Parental Leave Program
- They offer recognition of your efforts through their compensation package with added benefits:
o Private Medical Care Program and onsite medical rooms in their buildings
o Pension Plan Contribution to Voluntary Pension Fund
o Group Life Insurance
Kapcsolattartó / Information
Boglárka Tóth
Annamária Cseh-Szombathy
annamaria.cseh-szombathy@randstad.hu
