We are seeking to add an experienced Web Proxy subject matter expert to our Web Security Engineering team. The team is responsible for engineering, integrating and hosting web infrastructure on which thousands of web applications run.
The specialist will act as a subject matter expert for web security. In particular, designing and delivering robust, effective solutions covering our internet perimeter and external content delivery network providers.
Responsibilities:
- Architecting, testing, integrating and deploying Web Proxy technologies with leading network DLP or Malware scanning solutions.
- Collaborating with leads responsible for web and application servers, load-balancers and web authentication infrastructure
- Working with colleague subject matter experts in the wider organization who administer networks, logging, application architecture and other complementary technologies.
- Drive determination and implementation of security best practice in our web platforms and infrastructure
- Research into vendor and open source solutions in the web security space, and determination of their place in our overall solution
- Interfacing with technical contacts at external vendor providers and other internal teams to ensure a holistic solution is delivered and enhanced
- Training operations personnel, application support groups and other engineers in tools, technologies and procedures.
External Skills Required:
- Around 5 years of experience in similar position
- -Moderate to Advanced proxy experience required including engineering of flows via proxy and client access for troubleshooting
- Must know how to integrate external services with proxies via ICAP, proxy chaining, and service offloads, etc.
- Moderate cloud security experience across at least a couple of the more cloud providers (Azure, O365, AWS, etc.)
- Practical and theoretical knowledge of web malware and how it can get inside the network and mitigation strategies
- Light to moderate Linux Experience; must know at least standard user and roles and tasks
- Expert knowledge of web security concepts and cyber-attack vectors covering network through application layers
- Good understanding of the protocols underpinning the web - TCP/IP, HTTP, SSL/TLS etc.
- Ideal candidate would be able to intelligently dissect all 7 layers of the OSI stack
- Experience working in DMZ environments with good understanding of hardware load-balancing, firewalls, multi-tiered architectures.
Skills Desired:
- Hands-on proxy knowledge; Bluecoat and Zscaler experience preferred
- Hands-on CASB design, architecture and deployment (SkyHigh, Symantec, etc.)
- Programming/Scripting languages: Python, Perl, AngularJS
- Knowledge of Data Protection Practices (Data At Rest, In Use, In Motion, etc.) and their practical implementations
- Practical knowledge of web malware, its propagation and mitigation strategies
- CISSP or similar recognized cyber security qualifications
- Experience operating in large, siloed enterprise environments
Education Level :
Bachelor's Degree