Wymagania
Responsibilities:• Support the Service Manager in defining and maintaining the network security service strategy - with focus on network security products (e.g. product roadmap) and secure network design
• Provide network security product consulting and advisory services
• Manage products to ensure security value is being delivered
• Plan the product life cycle in alignment with the network security service strategy including the decommissioning and technology refresh of supported products
• Maintain awareness of the current cyber threat landscape in order to make recommendations on how to more efficiently detect and mitigate cyber incidents
• Work closely with key stakeholders, including Security Operations, Service Delivery, Networks / Infrastructure, and IT Risk teams to capture and process requirements (prioritization, approval, escalation, etc.) in alignment with the relevant Business Analyst
• Propose continuous methods to improve the Network Security service and underlying technologies
• Negotiate and manage product related Operational Level Agreements (OLA's) with internal providers (e.g. production support)
• Maintain up-to-date asset inventory information and ensures quality of network security assets (i.e. accurate and up-to-date product documentation such as Product Features, Requirements Specification, Architecture, Test Repository, User Manuals, Operational Manuals, etc.)
• Ensure that network security products adhere to UBS enterprise requirements and dependencies for all systems deployed into production
• Ensure that all risk assessments, project milestones and artefacts in the SDLC process have been completed
• Develop, maintain and test System Recovery Plans (SRPs) for network security tools
• Coordinate all development related activities regarding 3rd level support, business continuity management (BCM) & Crisis Management Requirements:
• Minimum 5 years of IT security experience
• Solid knowledge and practical application of Networking (TCP/IP) and cyber security concepts
• Strong work experience in three or more of the following technologies and disciplines: Intrusion Detection & Prevention, Network Tap and Tap Aggregation, Anti-malware and E-mail protection, IP and DNS Sinkholes, DDoS monitoring and mitigation, Security Logging and Monitoring (i.e. SIEM), Network packet capture & Netflow, Web application firewalls, Honeypots / Honeynets, Cyber incident detection, mitigation and response
• Experience in enterprise deployment and support of security solutions
• Strong working knowledge in designing secure networks for application infrastructure with relevant knowledge of firewalls, proxy servers, load balancers and other network devices; as well as network segmentation, DNS architecture, etc.
• Very good written and spoken English
• Excellent analytical, problem-solving and technical skills
Additional assets:
• Professional certifications (i.e. CISSP, GIAC)
• Vendor-specific certifications (i.e. Cisco, Sourcefire, FireEye, ArcSight, McAfee, etc.)
• Experience in working in heavily regulated environments, preferably in the finance sector