Lead Engineer - Network Security

The Opportunity

" Join our team to work on the continuous improvement of the security and compliance of FICO’s complex cloud and corporate services, where you will be responsible for implementation of Zero Trust within our AWS environments and work cross-functionally " - Hiring Manager

What You’ll Contribute

Design, implement and manage scalable network security controls and automation in public cloud environments (AWS, Azure, GCP, Oracle).
Support integration between 3rd party ZTNA services and native AWS constructs like, VPCs, Security Groups, NACLs etc.
Lead, guide, or implement development of security automation and scripting tools to streamline security processes and workflows. Identify new options and avenues for automation.
Provide technical leadership throughout implementation, configuring policies and managing certificates for web services via web application firewalls.
Collaborate with Cyber Security, Product Development, and operations around network security efforts to drive security policy through technical controls and processes.
Under limited supervision, manage and operate security solutions and optimize configurations to improve security posture of networks and information systems.
Supply control evidence to support internal and external audit initiatives related to network security.
Provide expertise as a subject matter expert regarding edge services for public/private cloud information system controls related infrastructure, policy, and decision-making processes.
Participate in an on-call rotation and provide timely resolutions for security configuration or solutions in support of service availability.
Work on problems of diverse scope where analysis of situation requires evaluation and troubleshooting including network packet analysis, Linux or Windows DNS, certificates lifecycle, logfile analysis, and related.
Maintain service levels consistent with current defined levels and future requirements.
Security certifications such as CISSP, CCSP, or AWS Security are desirable.
Initiate improvement activity to reduce risk, ensure compliance, lower cost, and improve quality within IT processes.

What We're Seeking

Enterprise experience with installing, operating, and maintaining Web Proxy, Zero Trust Network Access (ZTNA) solutions such as Zscaler, Palo Alto, Netskope, or similar.
Extensive experience working as Senior Engineer with Network security and Cloud security domains
Hands on experience with deploying secure network ingress/egress services and cross account/tenant connectivity solutions in public cloud infrastructure (AWS, Azure, Google, Oracle).
Experience with security automation and programming skills in Python, Terraform or similar scripting languages in a cloud environment.
Service provider level knowledge with next-gen firewall (NGFW) administration and design.
Working knowledge of Web Application Firewall (WAF) management configuration and security protection concepts.
Thorough knowledge of DNS hierarchy, troubleshooting and security techniques.
Able to troubleshoot issues leveraging large scale SIEM logging infrastructures.
Familiarity with Email Security solutions and email transport mechanisms.
Strong understanding of TLS, encryption, routing, IPsec VPN and networking concepts.
Resourceful problem-solver skilled at navigating ambiguity and change.
Security certifications such as CISSP, CCSP, or AWS Security are desirable.

Our Offer to You

An inclusive culture strongly reflecting our core values: Act Like an Owner, Delight Our Customers and Earn the Respect of Others.
The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences.
Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so.
An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie.