The Threat Prevention Architect will lead global initiatives to create and transform infrastructure solutions across the threat prevention space. Interacts externally with key vendors to understand future technology direction and drive product roadmaps to meet our needs. Interacts internally with senior level management to communicate strategic planning roadmaps and executive summaries for technical triage efforts.
Provides technical oversight in identifying, evaluating, and developing infrastructure solutions. Key decision-maker to drive future threat prevention strategy and service evolution. Key Responsibilities:
- Serve as Architecture lead to design threat prevention solutions that adhere to information security requirements while meeting business needs to establish secure network connectivity leveraging varying content inspection systems for malware prevention, data loss prevention, and forensic analysis
- Utilize creative-thinking and advanced problem-solving skills to build and maintain strategic roadmaps that enhance information security mission while optimizing cost, business needs, and end user experience
- Communicate with business partners at an enterprise level; interfacing with internal business representatives and information security partners
- Provide technical consultation to other team members and supported areas
- Senior level expertise in at least one of the following (in order of desirability):
- F5 (SSLO, ASM, ATM),
- McAfee Web Gateway,
- McAfee DLP,
- VMWare NSX Defender (formerly LastLine),
- FireEye (NX/VX/CM)
- 10+ years of IT experience
- Expertise with web proxies for advanced content filtering
- Expertise in malware prevention and data loss prevention systems, including Day Zero threat prevention
Core Technology Infrastructure Organization:
- People management a plus, but not required
- Mid to senior level expertise in Broadcom / BlueCoat Proxy Security Gateways
- Design integration with cloud service providers such as Azure, Google, AWS, IBM
- Expertise in Virtualization, ESXi server management, vSphere, vCenter, vSAN, vMotion to transform hardware based infrastructure to virtual platforms
- Experience in automation scripts (such as Ansible, Terraform)
- Programming expertise; scripting/automation of various security products
- Understanding of Machine learning, data modeling and perform advanced analytics
- Understanding of cloud encryption and tokenization (i.e., Salesforce topology and integration of Salesforce / Servicenow clouds with Cloud encryption gateway)
- Expertise in Linux, Python, Apache, HTML + Bootstrap, and SQL.
- Leveraging APIs to enhance automation routines.
- Familiarity with the following tools and/or platforms helpful:
- CipherCloud or similar cloud encryption technology
- Zscaler, Radware, FireEye, Websense, Scansafe, Ironport, , Damballa, Vontu, Skyhigh, Palantir, Cloudera platforms
- SEIM tools such as Arcsight, Splunk
- MUST have extensive knowledge on fundamental networking concepts of DNS, DHCP, Firewalls. Load balancing, IPS, basic routing/switching; excellent understanding of TCP/IP and packet analysis
- Expertise in creating Application and network diagrams including all pertinent flows and decisions.
- Capability to summarize complex issues into executive summaries
- Basic understanding of Cryptography, SSL certificates, SSL decryption / offload methodologies, HSM/HSMaaS
- Believes diversity makes us stronger so we can reflect, connect and meet the diverse needs of our clients and employees around the world
- Is committed to building a workplace where every employee is welcomed and given the support and resources to perform their jobs successfully
- Wants to be a great place for people to work and strives to create an environment where all employees have the opportunity to achieve their goals.
- Provides continuous training and development opportunities to help employees achieve their career goals, whatever their background or experience.
- Is committed to advancing our tools, technology, and ways of working to better serve our clients and their evolving business needs.
- Believes in responsible growth and is dedicated to supporting our communities by connecting them to the lending, investing and giving them what they need to remain vibrant and vital.