Firewall Engineer
- Recruiter
- Barclays
- Location
- Knutsford
- Salary
- Competitive
- Posted
- 23 May 2017
- Closes
- 07 Jun 2017
- Sectors
- Engineering
- Contract Type
- Permanent
- Hours
- Full Time
Radbroke. Barclays Technology Campus. Where the best talent in the world can build careers full of scope, variety and reward, by creating the technical solutions that meet today's demands, answer tomorrow's questions and redefine the future of finance.
About Barclays
Barclays is a transatlantic consumer, corporate and investment bank offering products and services across personal, corporate and investment banking, credit cards and wealth management, with a strong presence in our two home markets of the UK and the US.
With over 325 years of history and expertise in banking, Barclays operates in over 40 countries and employs approximately 130,000 people. Barclays moves, lends, invests and protects money for customers and clients worldwide. Please visit our website here for more information.
GIS
Global Information Security is a fully global team, with over 800 colleagues across Europe, Asia, Africa and the Americas. We support the business in ensuring confidentiality, integrity and availability of the firm's information assets, and in implementing world-class security solutions to meet business needs.
We operate critical controls and work in partnership with the business to ensure our customers can trust Barclays to protect their sensitive information, and that the security of our critical infrastructure, staff, and assets is maintained .
Role Purpose
Continue to make the environment a safer place to do business by:
Management of Security sign-off of firewall related change activities. Manage and support of Skybox application Provide ongoing assurance that compliance requirements are being satisfied. Lead security involvement in improvement projects. Lead service improvements to further enhance firewall security assurance
Key Accountabilities
Firewall Compliance and Reporting - 45%
Become an SME on the Skybox firewall security toolset Working with other team members, provide total management and support of Skybox application Ensure we maintain full coverage of estate firewalls. Design and develop assurance mechanisms and enforce security and control objectives. Help develop monitoring mechanism on compliance status of all firewalls across the Bank. Meet the needs of key internal and external regular reporting requirement. Assess change integrity in architecture design, firewall instance deployment and rule implementations.
Security Signoff for Firewall change requests - 30%
Perform Gate keeper role for all firewall related change activities. Adherence to regulator requirement, security policies, processes and procedures. Develop and maintain deep knowledge of company security policy and Business risk appetite. Identification of potential security risks and minimizes security risk exposure to the organization. Provision of on-going expert consultancy to infrastructure and project teams for proposed firewall rules design and implementation. Proactive involvement with the internal supplier in the sign-off process prior to live deployment and attendance of technical forums. Provide input to the firewall evaluation process, develop and implement improvements.. Adherence to contractual requirements. Perform queue management and meet SLA targets. Support security incidents handling/investigation relating to firewall changes.
Service Improvement - 15%
Develop and maintain standardized and repeatable operational processes. Develop security incident and security violation processes and procedures. Lead and contribute to security policy development and reviews. Provide expert guidance on all firewall aspects of policy development to security functions in GIS and to other technology units. Present findings and solutions clearly to stakeholders of all levels and abilities in other business units. Able to take on scrutiny of ideas and develop into solutions when appropriate. Review and approval of new and existing policies affecting network capability units. Review new firewall technologies and provide information and expertise to allow GIS, networks and supplier review teams to make decisions on the suitability of new products for deployment in the Bank. Lead the design and delivery of firewall security solutions.
Relationship Management - 5%
Participate in develop and maintain strong and constructive relationships with stakeholders in other business units. Aid in the management of the relationships with in-sourced and outsourced firewall services. Manage conflicts and pressure. Maintain awareness and deep understanding of IT security issues within the firewall estate - as appropriate escalating to the Firewall Control Manager to ensure appropriate resolution. Communicate regularly with stakeholders to promote information security awareness and ensure consistency in security policy and procedures. Communicate issue/concerns with stakeholders and business cluster and participate in develop solutions.
Staff Development - 5%
Provide coaching to ensure team members are aligned to the business goals and culture. Act as a role model in terms of both delivery and behavior in the Firewall team. Demonstrate commitment to the personal and professional development of team members. Provide objective feedback and input into the formal Performance Management reviews as requested. Mentor and coach colleagues and key stakeholders by sharing experience. Takes initiative to keep own skills up to date and maintain awareness of developments in IT industry
Person Specification
Information Security Knowledge - Essential
In depth understanding of all firewall types. Subject matter expert of one of the following : Checkpoint, Juniper or Fortigate In-depth knowledge of the TCP/IP, networking protocols and Network Security. Thorough working knowledge of firewall and non-firewall routing and switching technologies Some level of experience of Skybox with the ability to become an SME Knowledge of well known ports and protocols and associated vulnerabilities. Able to communicate how these protocols should traverse a firewall and communicate the risks and vulnerabilities clearly to network engineers and project managers. Competent in discussing IT security technology solutions with engineers and senior stakeholders in other capability units. Can challenge Technical designs and the use of port, protocols and applications. Expert knowledge of firewall management tools and interfaces. Understands and can clearly communicate and demonstrate to engineers how management technologies should be deployed. Fully up to date with developments in individual areas of expertise. In depth knowledge of appropriate Principles, Practices and Standards that support the implementation of Information Security Policy. Knowledge of preferred risk assessment methodologies.
Information Security Knowledge - Preferred
Good knowledge of Financial Services regulatory and applications Professional qualifications (CISSP, CISM, CISA, etc) Breadth and depth of understanding of Group goals, direction and business strategy which effectively links to Technology strategies. Experience of working in a wider business context, probably with exposure to other organisations.
Business Knowledge
Can engage fully with Program/Project & Network Project Managers. Understand relationship between information security and business objectives and able communicate and clearly present security requirements to business users and management and projects Demonstrates a good end to end understanding of the business/IT processes for the organisation area and relationships. Understands what information should be communicated, when, and to whom. Must be able to communicate difficult decisions in a clear and consistent manner to engineers and project managers. Identify the potential impact of changes on the business and suggest workarounds and alternative solutions. When a firewall request cannot be approved be able to apply experience and knowledge to suggest alternative methods for implementation that offer the same solution but do not pose risks to the business. Knowledge of Risk Assessment methodologies.
Service Delivery
Security focused while maintaining a close eye on delivery. Ability to prioritise, control and react to an environment with rapidly changing demands/priorities. Management of multiple projects, constant changing priorities whilst working to strict deadlines. Experienced in dealing with conflicts and pressure. Can lead and participate in negotiations. Ability to maintain a dialogue in difficult situations and to apply knowledge where appropriate to ensure that issues are resolved in a secure manner. Understand change management requirement and best practices. Can describe and participate in security incident management processes. Understands the importance of effective technical documentation in identifying the managing IT Security risks. Able articulate rational of declining firewall change to both technical and non-technical business groups. Experienced in process development and documentations. Identify process deficiencies and work with colleagues in other affected business units to identify improvements to the end to end process. Experienced in tread analysis and reporting. Aware of IT security developments, identifying trends and proactively provision for future issues and requirements. Attention to detail. Can analyse and document specific business and technical requirements for firewall changes. Able to demonstrate flexibility and to deliver within strict SLA.
Management
Demonstrates initiative and competence. Supports and encourages positive working behaviours in other team members. Able to prioritize with or without supervision..... click apply for full job details
About Barclays
Barclays is a transatlantic consumer, corporate and investment bank offering products and services across personal, corporate and investment banking, credit cards and wealth management, with a strong presence in our two home markets of the UK and the US.
With over 325 years of history and expertise in banking, Barclays operates in over 40 countries and employs approximately 130,000 people. Barclays moves, lends, invests and protects money for customers and clients worldwide. Please visit our website here for more information.
GIS
Global Information Security is a fully global team, with over 800 colleagues across Europe, Asia, Africa and the Americas. We support the business in ensuring confidentiality, integrity and availability of the firm's information assets, and in implementing world-class security solutions to meet business needs.
We operate critical controls and work in partnership with the business to ensure our customers can trust Barclays to protect their sensitive information, and that the security of our critical infrastructure, staff, and assets is maintained .
Role Purpose
Continue to make the environment a safer place to do business by:
Management of Security sign-off of firewall related change activities. Manage and support of Skybox application Provide ongoing assurance that compliance requirements are being satisfied. Lead security involvement in improvement projects. Lead service improvements to further enhance firewall security assurance
Key Accountabilities
Firewall Compliance and Reporting - 45%
Become an SME on the Skybox firewall security toolset Working with other team members, provide total management and support of Skybox application Ensure we maintain full coverage of estate firewalls. Design and develop assurance mechanisms and enforce security and control objectives. Help develop monitoring mechanism on compliance status of all firewalls across the Bank. Meet the needs of key internal and external regular reporting requirement. Assess change integrity in architecture design, firewall instance deployment and rule implementations.
Security Signoff for Firewall change requests - 30%
Perform Gate keeper role for all firewall related change activities. Adherence to regulator requirement, security policies, processes and procedures. Develop and maintain deep knowledge of company security policy and Business risk appetite. Identification of potential security risks and minimizes security risk exposure to the organization. Provision of on-going expert consultancy to infrastructure and project teams for proposed firewall rules design and implementation. Proactive involvement with the internal supplier in the sign-off process prior to live deployment and attendance of technical forums. Provide input to the firewall evaluation process, develop and implement improvements.. Adherence to contractual requirements. Perform queue management and meet SLA targets. Support security incidents handling/investigation relating to firewall changes.
Service Improvement - 15%
Develop and maintain standardized and repeatable operational processes. Develop security incident and security violation processes and procedures. Lead and contribute to security policy development and reviews. Provide expert guidance on all firewall aspects of policy development to security functions in GIS and to other technology units. Present findings and solutions clearly to stakeholders of all levels and abilities in other business units. Able to take on scrutiny of ideas and develop into solutions when appropriate. Review and approval of new and existing policies affecting network capability units. Review new firewall technologies and provide information and expertise to allow GIS, networks and supplier review teams to make decisions on the suitability of new products for deployment in the Bank. Lead the design and delivery of firewall security solutions.
Relationship Management - 5%
Participate in develop and maintain strong and constructive relationships with stakeholders in other business units. Aid in the management of the relationships with in-sourced and outsourced firewall services. Manage conflicts and pressure. Maintain awareness and deep understanding of IT security issues within the firewall estate - as appropriate escalating to the Firewall Control Manager to ensure appropriate resolution. Communicate regularly with stakeholders to promote information security awareness and ensure consistency in security policy and procedures. Communicate issue/concerns with stakeholders and business cluster and participate in develop solutions.
Staff Development - 5%
Provide coaching to ensure team members are aligned to the business goals and culture. Act as a role model in terms of both delivery and behavior in the Firewall team. Demonstrate commitment to the personal and professional development of team members. Provide objective feedback and input into the formal Performance Management reviews as requested. Mentor and coach colleagues and key stakeholders by sharing experience. Takes initiative to keep own skills up to date and maintain awareness of developments in IT industry
Person Specification
Information Security Knowledge - Essential
In depth understanding of all firewall types. Subject matter expert of one of the following : Checkpoint, Juniper or Fortigate In-depth knowledge of the TCP/IP, networking protocols and Network Security. Thorough working knowledge of firewall and non-firewall routing and switching technologies Some level of experience of Skybox with the ability to become an SME Knowledge of well known ports and protocols and associated vulnerabilities. Able to communicate how these protocols should traverse a firewall and communicate the risks and vulnerabilities clearly to network engineers and project managers. Competent in discussing IT security technology solutions with engineers and senior stakeholders in other capability units. Can challenge Technical designs and the use of port, protocols and applications. Expert knowledge of firewall management tools and interfaces. Understands and can clearly communicate and demonstrate to engineers how management technologies should be deployed. Fully up to date with developments in individual areas of expertise. In depth knowledge of appropriate Principles, Practices and Standards that support the implementation of Information Security Policy. Knowledge of preferred risk assessment methodologies.
Information Security Knowledge - Preferred
Good knowledge of Financial Services regulatory and applications Professional qualifications (CISSP, CISM, CISA, etc) Breadth and depth of understanding of Group goals, direction and business strategy which effectively links to Technology strategies. Experience of working in a wider business context, probably with exposure to other organisations.
Business Knowledge
Can engage fully with Program/Project & Network Project Managers. Understand relationship between information security and business objectives and able communicate and clearly present security requirements to business users and management and projects Demonstrates a good end to end understanding of the business/IT processes for the organisation area and relationships. Understands what information should be communicated, when, and to whom. Must be able to communicate difficult decisions in a clear and consistent manner to engineers and project managers. Identify the potential impact of changes on the business and suggest workarounds and alternative solutions. When a firewall request cannot be approved be able to apply experience and knowledge to suggest alternative methods for implementation that offer the same solution but do not pose risks to the business. Knowledge of Risk Assessment methodologies.
Service Delivery
Security focused while maintaining a close eye on delivery. Ability to prioritise, control and react to an environment with rapidly changing demands/priorities. Management of multiple projects, constant changing priorities whilst working to strict deadlines. Experienced in dealing with conflicts and pressure. Can lead and participate in negotiations. Ability to maintain a dialogue in difficult situations and to apply knowledge where appropriate to ensure that issues are resolved in a secure manner. Understand change management requirement and best practices. Can describe and participate in security incident management processes. Understands the importance of effective technical documentation in identifying the managing IT Security risks. Able articulate rational of declining firewall change to both technical and non-technical business groups. Experienced in process development and documentations. Identify process deficiencies and work with colleagues in other affected business units to identify improvements to the end to end process. Experienced in tread analysis and reporting. Aware of IT security developments, identifying trends and proactively provision for future issues and requirements. Attention to detail. Can analyse and document specific business and technical requirements for firewall changes. Able to demonstrate flexibility and to deliver within strict SLA.
Management
Demonstrates initiative and competence. Supports and encourages positive working behaviours in other team members. Able to prioritize with or without supervision..... click apply for full job details