- Works with Architecture & Engineering on the implementation and operation of new security technologies including Application Intrusion Detection & Prevention and Network Posture Assessment.
- Monitors the performance of the DMZ infrastructure supporting proxy services, perimeter defense and threat protection performing required maintenance and upgrades as appropriate.
- Participates in the implementation of DMZ technologies and executes tests using established procedures and test cases; and reports on results.
- Monitors security exceptions and violations, investigates and takes appropriate action.
- Determines and implements network perimeter protection strategies and countermeasures.
- Within a larger project, leads the execution of project elements of notable complexity related to their area of expertise, such as leading the implementation of a new technology or upgrade; develops the strategy for execution.
- Implements Secure Socket Layer technology on load balancer and reverse proxy devices.
- Ensures that all implementations follow the agreed upon design. Reviews and signs - off on design prior to implementation.
- Assesses performance of installed technologies, analyzes data, identifying any unusual findings and escalates as appropriate.
- Provides input to design decisions, contributing an understanding of how the technology performs in the NY Life environment.
- Leads the testing of new technologies to be implemented in the environment, ensuring all scenarios have been tested in accordance with requirements.
- Makes decisions guided by function/business plans and policies that impact operations or an area of operations.
- Responsible for the delivery of end results focused on operational excellence
- Provides ongoing support and troubleshooting for installed technical solutions, able to resolve nearly all operational issues.
- Collaborates with peers to solve unique and complex issues; requires conceptual and innovative thinking and education and/or experience to develop solutions.
- Recommends best practices for solving internal and/or external business issues.
- Leads problem determination efforts requiring assistance from cross functional teams for the most complex situations.
- Trains others on creating secure networks, forward and reverse proxy services, firewalls, intrusion-detection systems, web application firewalls, common network attacks, attack methods, and network defense architectures
- Provides guidance and technical coaching to less experienced staff. May provide input to manager on staff performance relating to technology but does not prepare or deliver performance reviews.
- Supports business customers in the implementation, maintenance and support of elements of the infrastructure.
- Can quickly grasp customer requirements, anticipates changing business needs and challenges, and their subsequent impact on the technical direction of a solution.
- Collaborates with engineering staff, providing input to design as appropriate.
- Well versed in secure access methodology, VPN and products for BIGIP APM
- Detailed understanding of data network concepts and operational functionality. Solid knowledge of TCP/IP networking, LAN/WAN internetworking technology (Switching, Routing, & Architecture.), Network Application Protocols (DNS, FTP, HTTPS, SSH, etc.) and client/browser behavior, IP security, 802.11 standards, & packet capture analysis
- Day to day management of load balancing configurations in a multi-datacenter environment - F5 Local Traffic Manager with Global Traffic Manager integration with advance troubleshooting experience understanding of DNS resolvers (Authoritative vs Recursive, Forwarders).
- Hands-on experience with routing, switching, and load balancing in highly complex environments