Infrastructure Security Senior Engineer_sk
Popis Pracovnej Pozície
Infrastructure Engineering Security team is responsible for design and deployment security solutions protecting and managing the client network. An L3/L4 resource is expected to function as the highest level of technical support and escalation for security related issues, incidents and initiatives. The person should be able to take the role of Subject Matter Expert in technical project deliverables and be responsible for end-to-end solution delivery. Network Security engineer should have sufficient infrastructure experience to have holistic view on security solution and application of security-in-depth principles.
Due-diligence of existing client’s infrastructure, analyzing physical topology, logical interconnectivity, service dependency, application flows and security constraints.
Organizing and attending meetings and workshops with the client to understand requirements, challenges and risks.
Creating and successfully presenting and backing complex designs for critical infrastructure to senior client resources at formal review boards
Developing security solution in cooperation with other teams for secure infrastructure using existing industry standards, best practices and know-hows fitting it into existing infrastructure and operations framework.
Creating designs and support documentation for the delivered infrastructure. Driving change governance-documentation in accordance to client’s processes and procedures.
Act as SME and technical escalation point for security incidents in the scope of project delivery and systems delivered by the project to the client during transition/handover period.
Vulnerability and risk management, platform selection, software production-feature set and load- testing for chosen platform.
Have 4+ year(s) of infrastructure security experience working with major firewall platforms (Palo Alto, Juniper, Cisco, Fortinet, etc.). Certificate for any of the platform is a plus.
Have 2+ year(s) experience in Data Centre Security and micro-segmentation (zero-trust model and core segmentation, NSX, ACI, Tetration, etc.) or
Have 2+ year experience with Cloud Security platforms – either cloud edge IaaS firewall or Cloud SaaS solution (Cisco CSR/vMX, Cisco AMP/SIG, CheckPoint, zScaler, PRISMA, etc.)
Have a good knowledge of networking – both classic (switching, dynamic routing protocols, static and rule-based routing, etc.) and cloud (VPC, peering, gateways, SD-WAN secure fabric). Certificate in any networking area is a plus.
Have a good knowledge of encryption and tunneling protocols (PKI, IPSec, SSL VPN, TLS, IKE, IKEv2, etc.) and cryptography in general (KEX, DH, HMAC, etc.)
Understand application protocols in context of OSI network layers and content inspection (Load-balancing, WAF, IPS, IDS, etc.), full stack engineer is a strong plus.
Understand cloud technologies and infrastructure virtualization (IaaS, PaaS, SaaS, NFV, SDN, SD-WAN)
Understand baseline security requirements and platform hardening principles.
Be flexible for international business trips to attend client meetings or workshops or perform remote site installation and configuration.
Have good verbal communication skills (English) in both technical and non-technical communications.
Have strong experience creating design documents (HLD, LLD) diagrams (Visio) and presentations (PPT)
Have good analytical mindset for problem solving under stress and time pressure.
From 3 050 EUR/month
• Guaranteed paid overtime or overtime vacation
• German language bonus up to 400€ monthly/gross depending on language proficiency and level of seniority
• Flexible Benefit System - budget to be spent on services of your choice
• Competitive bonus structure
• Refer-a-Friend – get a bonus in the employee referral program
• Loyalty rewards
• Flexible working arrangements (time & place of work)
• Wide range of trainings and expert lectures
• Regular performance review and career growth possibilities
• Ongoing career guidance and mentoring (Global Mentoring Program, Lean In)
• Employee share purchase plan
Family & Health:
• 3 extra days off
• Sick leave salary compensation (up to 90%)
• Home-office equipment
• Family oriented benefits (Wedding, Parental and Baby days-off and bonuses)
• Employee assistance services (professional psychological, financial and legal help)
• Multisport card