• The Principal Network Security Engineer's primary areas of responsibility include ensuring there are defined standards in place, manage the technical lifecycle of products and services, lead a small of high performing engineers, deliver change/transformation against created designs; always ensuring a smooth transition/handover to Network Operations with adjunct supported to the Operations as needed.
• Defining and documenting Network Security Standards
• Creation of Low Level Design documents to meet requirements outlined in the High Level Design
• Creation of detailed Implementation Plans for all engineering related activity
• Procurement activities relating to build and delivery of new services (Project)
• Ensuring the smooth Transition/Handover to Operations in line with agreed Operational Acceptance Process
• Managing Technical Lifecycle Management for all Network & Communications services
• Supporting Architecture in creation and upkeep of a Delivery Roadmap for Network Security
• Supporting the Architecture in scoping activities required to produce the High Level Design
• Supporting Architecture in undertaking Proof of Concept activities
• Ensuring skillsets are relevant and up to date in order to deliver change and provide a high level of support
• Providing escalation support to Operations with complex troubleshooting of Major Incidents as required
• Provide on call escalation support (rota basis) and work extended hours when required

Core Skills & Experience:

• A minimum 10+ years of hands on experience of network security solutions within a global enterprise scale organization (5,000-50,000 users) with both traditional datacenters and Cloud.
• Considerable first-hand experience of design engineering and building resilient and scalable security solutions, ideally within finance or investment banking.
• Cybersecurity principles, global financial services business models, as well as regional compliance standards, relevant local regulations, and applicable laws
• The concepts of risk and compliance and how to translate these into effective security solutions.
• Appreciation of automation and orchestration and will have experience of scripting against an API
• Strong understanding of Layer 2, Layer 3 & Layer 4-7 network and security technologies.
• Familiar with a variety of testing tools, networking technologies and techniques to accurately troubleshoot and resolve complex technical problems associated with the service, application and network hardware and software.

Technical Skills & Experience:

• You will have expert knowledge and experience in several of the following areas:
• NGFW platforms and management tools such as Tufin
• Network Access Control in enterprise environments
• Application Delivery & Load balancers
• Public and Private cloud security
• Workflow automation
• Routing and switching
• WAN Optimization
• DNS, IPAM and DHCP

It is desirable and advantageous to also have knowledge and experience of the following technology platforms:

• Check Point, Fortinet, Tufin
• Forescout, Cisco ISE
• F5, Netscaler
• Infoblox
• Microsoft Active Directory, CyberArk
• Azure log analytics
• Akamai CDN
• Illumio
• Zscaler
• Python
• Ansible, Terraform
• Azure and AWS native firewall and load balancing

Technical Certification:

• It is desirable and advantageous to have the following certification or demonstrable working experience:
• Check Point CSSE
• CISSP
• ITILv3 foundation or higher
• Zscaler fundamentals certification, advanced preferred
• F5

Personal Attributes:

• Highly organized and have proven ability to operate well under pressure, working to tight deadlines
• Have good problem management and customer service skills.
• A positive attitude and be capable of remaining positive even when under immense pressure.
• Able to work with global teams to deliver projects, often at pace and under challenging circumstances.
• High professional standards, who never accepts the status-quo; who challenges why things are done the way they are.
• Strong communicator, both written and verbal
• Discourage hero culture and ensure the team always comes before the individual, although always ensuring for the welfare of staff at all times.
• Always act with integrity and embrace the philosophy of treating our customers fairly (compulsory)
• Work effectively as one IT community across the regions and the business
• Embrace the philosophy and principles of group IT
• Understand and apply Northern Trust’s working practices, policies and procedures

NA