Assistant Vice President/ Vice President, APAC Firewall / Proxy DMZ Security Engineering, Core Technology Infrastructure
Bank of America
Job Description:
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.
One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.
Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.
Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!
Core Technology Infrastructure:
- Believes diversity makes us stronger so we can reflect, connect and meet the diverse needs of our clients and employees around the world.
- Is committed to building a workplace where every employee is welcomed and given the support and resources to perform their jobs successfully.
- Wants to be a great place for people to work and strives to create an environment where all employees have the opportunity to achieve their goals.
- Provides continuous training and development opportunities to help employees achieve their career goals, whatever their background or experience.
- Is committed to advancing our tools, technology, and ways of working to better serve our clients and their evolving business needs.
- Believes in responsible growth and is dedicated to supporting our communities by connecting them to the lending, investing and giving them what they need to remain vibrant and vital.
Job Description:
Coming from a technical background, you have a strong understanding of DMZ related technologies such as Firewalls , IDS/IPS, Load Balancers , Proxies ,how they are designed, deployed, and supported.
As a External Networks Architecture Engineer, your will be responsible for designing, implementing and managing operation escalation of our DMZ related devices
You will ensure maintain in operational condition in alignment with our global standards.
Ability to work varied hours to successfully interact and communicate on a global level.
Responsibilities:
- Accountable for end-to-end engineering and deployment of APAC region DMZ services
- Collaborate with various stakeholders: project Managers, application owners, product managers, global engineering domain leads and operations teams from service design through operations transition.
- Participate in hands-on implementation, configuration of devices and engineering new services into production.
- Ensure security controls are implemented and operating effectively as part of solutions delivery.
- Create designs based on industry best practices, engineering standards and security principles.
- Understanding the design/purpose of each application or infrastructure project, defining resource requirements to efficiently collaborate across other technology technical teams to deliver high visibility projects.
- Ensuring documentation is updated to reflect new additions to or modifications in the environment and handed into Operations successfully.
- Identifying and managing the mitigation of risks within the environment.
- Liaise with Information Security partners to enforce compliance with standards.
- Support activities related to Audit, Compliance Reviews & Regulatory Exams.
- Review of all capacity metrics to ensure availability of all services.
- Perform regular patching / OS upgrade / Hardware refresh to remediate vulnerabilities.
- Facilitate meetings among all stakeholders/ vendors regularly and produce status update reports periodically.
Required Skills:
- Minimum 5+ years of hands-on experience with large scale, complex network/DMZ environments preferably in the banking and finance industry.
- Analytical and technical skills with proven experience in network DMZ security technologies especially Firewall, IDS/IPS,.
- Knowledge of Web Content Filtering , IPAM & Load Balancer technologies
- 5+ years or more experience with deep understanding in Firewall technologies – Fortinet, CheckPoint, vendor platform & IDS/IPS technologies.
- networking troubleshooting and knowledge of web connectivity and protocols (PAC files, TCP/IP, HTTP, HTTPS, SSL, FTP, Socks, etc.).
- Networking troubleshooting skills and request triaging including taking and analyzing traffic packet captures, policy research, traffic logs and system log reviews
- knowledge of networking communication principles, network standards, and network security practices.
- Experience in creating Application and network diagrams including all pertinent flows and decisions.
- Familiar with product deployments within a global banking environment.
- Understanding in Automation (Python, Ansible etc).
- Knowledge of regulatory risk management in Technology and Information Security domains preferred.
- ITIL processes knowledge: Change Management, Incident Management, Request Management, and Problem Management. ITIL certification preferred.
- At least one professional level certification in Network Security Mcafee , CheckPoint/Fortinet, Trendmicro IPS/IDS , Load Balancing , CCNA , etc] is desirable.
- Educated to degree level in IT/Engineering field.
- Strong discipline regarding enforcement of access and change management ITIL best practices and principles.
- Understanding of Network Automation tools and processes
- Self-starter/self-directed, organized and detail oriented.
- Strong technical acumen and analytical skills
- Good verbal and written communication skills
- Experience aligning actions to business impact and service restoration.
- Ability to operate with colleagues across different time zones with a flexible approach to working hours (ability to work varied hours) to successfully interact and communicate on a global level.
Desired Skills:
- 5+ years experience in Networking-related disciplines within a design, implementation, or operations role
- 5+ years of deep technical experience working on DMZ environments
- Knowledge of LB/Firewall/IPS/Threat Prevention
- Attention to detail, confident enough to raise questions and escalate when necessary.
- Understanding of the principles of network routing/switching
- Basic knowledge Unix/Linux and Windows environments
- Experience with automation tools such as Python, PowerShell, Ansible, API calls (to ticketing systems and network devices), and frontend web development.
- Experience of working within Financial Services (Insurance, Banking, Investment banking)
- Experience deploying large-scale, global projects and programs.
- Familiarity with IT security and risk management practices.
- Excellent organizational skills, able to manage multiple work streams simultaneously and respond to rapidly changing demands.
- Understanding of financial services regulatory and legal environment
- Ability to articulate technical and business issues and solutions effectively to business or technical staff across organizational layers.
Preferred Certifications:
- Cisco CCNA
- Firewall certification - Checkpoint CISA/CISSP or Fortinet ( FCS/FCA/FCP )
- Any othe Fortinet/LB/Proxy certification will be a plus.
 
              
            