Role : Next Generation Firewall IPS (Palo Alto & Checkpoint)
Exp : 7+ Yrs
Location : Bhubaneshwar (WFO)
Education : BE/B-Tech/BCA (ONLY in Computer Science or IT; other streams not accepted) OR Master's degree in CS/IT
Skills :
Job Summary
The L3 Security Engineer for IPS, Proxy, and Malware Sandboxing will be a senior member of the security team with a focus on Palo Alto and Check Point Next-Generation Firewalls (NGFW) and Anti-DDoS solutions. This is a senior role responsible for the design, implementation, and maintenance of complex security infrastructures. This position involves acting as a final escalation point for critical issues, leading incident response, and providing expert technical guidance.
Key Responsibilities
- Serve as the subject matter expert for all Next-Generation Firewall platforms, including hardware, virtual, and cloud-native firewalls (e.g. Palo Alto).
- Design, implement, and maintain the bank's Anti-DDoS solution, including both on-premises appliances and cloud-based scrubbing services.
- Configure and maintain anti-DDoS solutions (such as Arbor) to mitigate volumetric and application-layer DDoS attacks.
- Monitor DDoS threats and fine-tune protection mechanisms to ensure network availability.
- Design, configure, and implement complex security policies, network address translation (NAT), and VPN tunnels.
- Provide technical guidance and mentorship to L1 and L2 analysts. Act as the final escalation point (L3) for complex security incidents and problems, providing expert resolution and support.
- Participate in a 24x7 on-call rotation to provide incident management for mission-critical services.
- Contribute to the technology roadmap by researching, evaluating & recommending new security tools & capabilities.
- Ensure timely patch deployment, migration of firmware/software and deployment of configuration as part of migrated functionality, and timely update of necessary signatures and their functionality, taking complete precaution to avoid outage and downtime.
- Maintain network and security architecture diagrams, and review and update them based on changes. Maintain the LLD and HLD for each solution and update them regularly.
- Provide suggestions for any enhancements/changes that can improve the security posture and/or add business value to the delivery framework.
- Develop and document standard operating procedures and runbooks for incident response related to IPS, proxy, and sandboxing events.
- Analyze incidents independently, identify the root cause, and act on containment and remediation.
- Provide engineering analysis and architectural design of technical solutions.
- Possess sound analytical and troubleshooting skills and good team management and coordination skills.