ADS Engineer 8/31/2016
JOB DESCRIPTIONAPPLY In addition to our transformational mission, the Network Integration team routinely works on functions related to: capacity management, technology lifecycle, deployment, regression testing and configuration management. We collaborate with our Engineering teams to control the release of new services and partner with our NOC teams to solve issues impacting the bank's users and services.
* Create designs based on industry best practices, engineering standards and security principles
* Ensure security controls are implemented and operating effectively as part of solutions delivery
* Articulate and defend security positions
* Lifecycle management - code upgrades, vulnerability patching and EOL replacement programs
* Engineer service request fulfillment processes
* Create detailed implementation plans and runbooks for downstream execution teams
* Collaborate with engineering and operations teams from service design through operations transition process for new services
* Perform design validation and QA testing of new services to ensure successful production deployment
* Manage the capacity and availability of the security infrastructure
* Manage System of Record (SOR) for all network assets
* Liaise with Information Security partners to enforce compliance with all bank standards
* Review of all capacity metrics to ensure availability of all services
CORE TECHNOLOGIES IN SCOPE
* Application Delivery Controller (ADC) - F5 BIG-IP Local Traffic Manager (LTM)
* F5 BIG-IP Global Traffic Manager (GTM)
* Authoritative External DNS:
* F5 BIG-IP GTM [Static provides tech knowledge and capabilities as team member and individual contributor. Will not have direct reports but will influence and direct activities of a team related to special initiatives or operations. Provides input on staffing, budget and personnel. Typically 5 or more years of systems engineering experience.
* Subject matter expertise load balancer, DNS, SSL off loader
* Functional understanding of F5's API iControl and application integration.
* Knowledge of F5 iRules (F5's TCL scripting language)
* Must have expertise in application switching and traffic management, deep knowledge of application requirements (such as persistence), understand SSL offload and implementation of SSL certificate and Key, and web acceleration and TCP optimization.
* Use of F5 DOS and DDOS features and mitigation methods including use of network Packet filters and iRules is desirable.
* Functional knowledge of F5 advanced feature modules including Web Accelerator, Application Security Module, and Application Policy Module.
* Knowledgeable of F5 system logging event types and logging levels
* In depth knowledge of SSL cryptographic protocol in securing communications over the Internet and the ability to leverage F5 BIG-IP Application Delivery Controllers in performing SSL offload (client decryption) and server encryption solutions.
* Understanding of SSL Certificate Private Key Infrastructure (PKI) in the SSL Certificate and KEY management and rollover process is beneficial.
* Expertise in planning, designing, and implementing enterprise-level network security technologies.
* Expert understanding of network protocols.
* Hands on security troubleshooting, network-based forensics, and proficient with packet analysis tools like Wireshark, Opnet, etc
* Experience with root cause analysis, risk mitigation, security assessments, analysis of security threats, trends and architecture preferred.
* Programming/scripting experience (Perl, Python or Golang)
* Knowledgeable on network management and monitoring tools (HP NNMi, Syslog, Splunk, Entuity, Tivoli ITM, HPNA, Cisco CMCS, Netscout)
* Excellent written and verbal communication. Ability to present at an executive level.
* Experience managing large, globally dispersed teams of engineers
* 7-10+ years networkengineering and/or technology management experience
* B.S. degree in Information Technology or Computer Science (Master's degreepreferred)
* Proven ability to manage short and long term engagements with multiple project tracks and teams
* Ability to interact with clients at all level, from the C-Level to IT individual contributor
* Firm understanding of IT Service Management processes, ITIL Certification preferred
Yes, 10 % of the Time