Network Perimeter Security – Senior Firewall Engineer, Associated Vice President

MUFG - Monterey Park, CA (30+ days ago)2.6


Discover your opportunity
with Mitsubishi UFJ Financial Group (MUFG), the 5th largest financial group in
the world with total assets of over $2.4 trillion (as ranked by SNL Financial,
April 2016) and 140,000 colleagues in nearly 50 countries. In the U.S., we’re
13,000 strong, working together to positively impact every customer,
organization, and community we serve. We achieve this by delivering on our
values, putting people first, fostering long-term relationships built on
honesty and mutual understanding, and inspiring the best in each other. This is
all part of our inclusive, high-performing culture supported by Total Rewards
that include our cash balance pension plan. Join a team that’s working to
fulfill its vision to be the world’s most trusted financial group.

Network Perimeter Security, Sr Firewall Engineer, AVP

Summary:
The Senior
Firewall Engineer, Associate Vice President, is responsible for supporting all
bank and branch Checkpoint firewall environments, who will work within
Enterprise Information Security (EIS). The candidate will need to demonstrate a
level expertise in the areas of network routing, spanning firewall, VPN,
IPS/IDS, proxy, advanced threat protection, security, TCP delivery, and
application flow for load distribution in load balancing. Work closely with
Control Officers to ensure their understanding of associated risks and
technical actions required for remediation. Ensure consistent and comprehensive
creation of Standard Operating Procedures and/or Business As Usual
documentation for firewall and IPS/IDS technologies. This role would be a
combination of project oriented work as well as a high level of operations for
issues residing within network infrastructure. This role would be a combination
of project oriented work as well as a high level of operations for issues
residing within network infrastructure.

Major Responsibilities:
Provide a level of technical network
security expertise to support enterprise network infrastructure. P rovide technical assistance for
cross-functional departments, and peer level engineers, and/or project
management. A ssist in design, and day-to-day operations
with implementing all aspects of Checkpoint firewalls Consult to internal customers regarding
application instabilities, network performance problems, and ideas for design
improvements. R esponsibility to provide future insights
into leading edge technology in, or outside of firewall, security, or spanning
space. Create
and maintain evergreen processes for network security onboarding and recurring
testing D evelop,
maintain and promote baseline security testing framework into part of
regression testing Maintaining
familiarity with industry trends and security best practices Build
close relationships with peers within Enterprise Information Security Closely
collaborate with security architects in developing network security
architectural principles, policies, reference stacks, features, and
requirements Understand
the risk appetite of the firm and appropriately manage and address network
security control deficiencies within these parameters

Qualifications:
Must have a
minimum of 5 years’ experience in information technology with emphasis on
Information Security.
Subject Matter Expert in Checkpoint Firewalls
CISSP, GIAC, or equivalent
Knowledge
and experience with networking, network segmentation and network access.
Experience managing/securing a large scale, complex, high performance
environment.
Strategic, creative, and innovative mind
Exceptional ability to execute and drive change
Must be able to sustain and operate in fast-paced, team-oriented
environment.
Experience supporting enterprise, large-scale data center infrastructure
environments.
Ability to
understand and determine security risks and apply appropriate controls.
Ability to
work independently on initiatives with little oversight.
Strong
communications skills

Working Knowledge:
Firewalls, Proxy

Intrusion Detection System (IDS)

Threat detection

Preferred Working Knowledge:
Security Information and Event Management (SIEM)

Web Application Firewall (WAF)

Cloud Services Platforms

Email Security

Multifactor Authentication (MFA)

Public Key Infrastructure (PKI)

Domain Name System (DNS)

Distributed Denial of Service (DDoS) Protection

Wireless Local Area Network (WLAN) Security
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified.

We are proud to be an Equal Opportunity / Affirmative Action Employer and committed to leveraging the diverse backgrounds, perspectives, and experience of our workforce to create opportunities for our colleagues and our business. We do not discriminate in employment decisions on the basis of any protected category.

A conviction is not an absolute bar to employment. Factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered in all employment decisions. Additionally, it's the bank's policy to only inquire into a candidate's criminal history after an offer has been made. Federal law prohibits banks from employing individuals who have been convicted of, or received a pretrial diversion for, certain offenses.