Lead Solution/Senior Solution Advisor - Cyber Threat Management - Big4

Specific Skills Required :

Cyber Threat Management

- Coordinate efforts to provide control of ingress points across the enterprise network

- Manage access control standardization across the enterprise network

- Manage guest access management configuration

- Manage authentication, authorization, accounting, posture and profiler configuration

- Provide assessments of the enterprise network and remediate findings

- Provide analysis and resolution of networking problems

- Recommend changes, as required, to network topologies that minimize down-time

- Provide the design, build, testing and implementation of load balancer iRule deployment

- Manage efforts to configure F5 APM authentication, authorization and accounting (AAA) methods for web base application authentication

- Manage efforts to configure F5 Edge Client connectivity profiles and client packages

- Proactive/reactive monitoring of the F5 authentication and authorization environment

- Provide assessments on F5 load balancing configuration and remediate findings

- Experience designing encryption and/or tokenization solution architectures

- Experience implementing encryption and/or tokenization solutions in enterprise environments

- Expertise in developing, implementing, testing, and configuring encryption and tokenization technology solutions

- Assist with development of secure network architecture designs

- Develop, document, and maintain network security architecture and strategy

- Conduct periodic and ad hoc reviews of configuration of network security tools and technologies

- Prioritize and coordinate network security tasks across the team

- Define and track network security metrics

- Play a supporting role in onboarding logs, defining requirements, and providing feedback for tuning of SIEM use cases (ArcSight)

Job Qualifications

- Knowledge of the network planning, implementation and support processes and procedures

- Experience maintaining and deploying network and security services

- Cisco Identity Services Engine (ISE) implementation experience required.

- Solid experience configuring, deploying, installing, and troubleshooting Cisco routers and switches.

- Hands on experience with packet capture analyzers, TCP/IP subnetting, Telnet/SSH Clients, Raritan or Terminal Server Remote Access

- Experience with F5 load balancer and iRules configuration

- Experience with F5 modules APM and Edge Client

- Experience in configuring advance load balancing algorithm like (but not limited to) cookie persistence, priority group, etc.

- Experience with data protection tools such as DLP (Websense)

- Working knowledge of TCP/IP networking services such as DNS, DNSSEC, UNIX, switches, routers and firewalls in Internet environments

- Ability to troubleshoot web load balancing through use of tools such as Fiddler, HTTPWatch, etc.

- Configuring, tuning, and troubleshooting of encryption solutions such as Oracle TDE, MS TDE, Voltage SecureData, Protegrity, SafeNet, Secure Islands, HP Atalla, IBM Guardium Data Encryption, or Vormetric a plus

- Understanding and knowledge of PKI and digital certificates

- Experience with multiple vendor encryption products

- Understanding of TCP/IP network protocol suite

- Understanding of Open Systems Interconnection Model (OSI) including ability to explain each of the layers physical, data link, network, transport, session, presentation, and application.

- Understanding of secure network architecture design and concepts

- Understanding of network TAPs and TAP functionality.

- Understanding of incident handling procedures and ability to respond to network security incidents effectively

- Understanding of IP networking including subnets, CIDR notation, routing protocols, etc.

- Experience with network analysis tools and technologies such as: Sniffer Pro, Wireshark, TCPDUMP, Network Miner, Ettercap, Kismet, DSniff, P0f, etc.

- Experience with network and/or vulnerability scanning tools and technologies such as: NMAP, Nessus, Angry IP Scanner, Qualys, Zenmap, eEye Retina, IBM Internet Scanner, Patchlink, Rapid7 Metasploit, GFI Languard, Nexpose, SAINT, Superscan, etc.

- Experience with Network Intrusion Detection and/or Prevention tools such as: SourceFire, IBM Proventia, HP TippingPoint, McAfee IPS, Cisco IPS, SNORT, BRO, Suricata, Argus, Security Onion, etc.

- Experience with network-based malware prevention/sandbox technologies such as: FireEye Web/E-mail, SourceFire, etc.

- Experience with industry-leading firewall technologies such as: Palo Alto, Juniper, Cisco ASA, McAfee, Stonesoft, Fortinet, Checkpoint, Sonicwall, Watchguard, etc.

Education and Experience

- Significant networking and network security background

- Vendor-specific network certification, e.g. CCNP or CCNP

Timing : 9am-6pm

BE/B.TECH/MCA or any other Fulltime Technical Degree