Cybersecurity-CD&E-Network Security Firewall - Associate 2 - Bangalore

Line of Service

Advisory

Industry/Sector

Not Applicable

Specialism

Cybersecurity & Privacy

Management Level

Associate

Job Description & Summary

At PwC our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities develop secure systems and provide proactive solutions to safeguard sensitive data.

Those in security architecture at PwC will focus on designing and implementing robust security frameworks to protect organisations from cyber threats. You will develop strategies and solutions to safeguard sensitive data and enable the integrity of systems and networks.

Driven by curiosity you are a reliable contributing member of a team. In our fast-paced environment you are expected to adapt to working with a variety of clients and team members each presenting varying challenges and scope. Every experience is an opportunity to learn and grow. You are expected to take ownership and consistently deliver quality work that drives value for our clients and success as a team. As you navigate through the Firm you build a brand for yourself opening doors to more opportunities.

Examples of the skills knowledge and experiences you need to lead and deliver value at this level include but are not limited to:

• Apply a learning mindset and take ownership for your own development.
• Appreciate diverse perspectives needs and feelings of others.
• Adopt habits to sustain high performance and develop your potential.
• Actively listen ask questions to check understanding and clearly express ideas.
• Seek reflect act on and give feedback.
• Gather information from a range of sources to analyse facts and discern patterns.
• Commit to understanding how the business works and building commercial awareness.
• Learn and apply professional and technical standards (e.g. refer to specific PwC tax and audit guidance) uphold the Firms code of conduct and independence requirements.

Year of Experience

2-4 years

Position Requirements

• Candidate with 4-8 year of experience in working in operations/managed services.
• Having experience of multi cloud infrastructure solution such as Azure & AWS
• Carrying out deployment maintenance monitoring and management tasks
• Demonstrable previous experience of implementing and supporting large-scale IT Infrastructure environment or large Business.
• Strong technical knowledge on Microsoft Network & Cloud technology along with leadership and communication skills to improve the delivery of services. Communicating effectively to all stakeholders on a regular basis.
• A practical understanding of gathering business requirements & scoping relevant solutions.
• Use resources to best advantage by collaborative working with all Team Leaders.
• Setting the behavioral & performance standards. Energizing your team.
• Deal positively with change & uncertainty.
• To work on projects and initiatives as directed by the IT Services to support changes or opportunities in wider business
• Excellent written communications skills sufficient to write reports and business correspondence in a professional manner.
• Ability to verbally present complex concepts and technical information to a non-technical audience in a clear and concise fashion.
• Strong interpersonal skills sufficient to conduct business with others in a diplomatic professional manner.
• Ability to manage multiple projects and successfully handle multiple tasks.
• Preferred Skills/Technical Competencies: Strong technical experience on Palo Alto Cloud Security Cloud platforms NAC (Network Access Control)

Preferred Knowledge

Web Application Firewall

• Create deploy maintain and troubleshoot WAF policies for new and existing web applications
• Configure and manage WAF configuration for cloud / On-Premises WAF solutions
• Review vulnerabilities that impact web applications and develop WAF Virtual Patching solutions
• Monitor and analyze activity logs to detect malicious internet traffic and indicators of compromise as well as to reduce false positive blocks
• Review WAF usage and define means to improve and mature protection policies
• Understand web applications at a sufficient level to work with developers to implement protective controls that may need to be customized for specific applications
• Interpret web protocol information to determine source intent and risk of threat agents
• Provide preventative maintenance troubleshooting and quickly resolve problems to ensure infrastructure and application stability
• Participate in technical design activities to ensure a sound design and any infrastructure impact is understood
• Create and maintain technical documentation regarding the WAF infrastructure including network diagrams policies and operational procedures for managing the infrastructure.
• Work closely with Development QA Operations InfoSec and design engineers to ensure security requirements are met and web-applications are adequately protected from cyber-attacks
• Review vulnerability scan output and assess where WAF configuration can be used to mitigate attacks.
• Basic understanding of data flow technologies such as routing NAT ARP and associated command line tools such as tcpdump
• Awareness of mainstream operating systems and a wide range of security technologies including network firewall IPS and web proxy.
• Build and enhance our proven security platform.
• Blend innovation and speed in a constantly evolving cloud architecture.
• Analyze new threats and offer deep insight through data-driven intel.
• Collaborate with customers to help solve their toughest security challenges.

Palo Alto and Prisma Cloud Technologies

• Experience in planning configuration and deployment of PA Firewalls
• Expert in troubleshooting implementing and configuring Panorama Palo Alto firewalls
• Analyzing the current Palo alto and Prisma environment and providing recommendations and implementation plans to upgrade the code App-ID.
• Health Monitoring Attack vector monitoring Indicators of Compromise monitoring and blocking Dynamic ACL monitoring and blocking
• Configuring Panorama and managing the firewalls using Panorama
• Configuring and troubleshooting Prisma cloud solutions like DLP SASE CASB SSPM modules
• Familiar with Device groups & Templates pre-rules post rules & security profiles the centralized push of security policies
• VPN: Good knowledge on SSL VPN IPSEC Remote Access VPN GRE over IPSEC VPN
• Responsible for development of Palo alto NextGen Network Security Components and Protocols for State-of-the-art firewalls deployed at Enterprise Data Center Cloud and Service Provider environments
• Palo Alto Firewall threat updates on periodic basis
• Incident management Change Management for different severity levels and following escalation matrix for ensuring SLA adherence
• P1 P2 and P3 incidents monitoring and coordination with stakeholders for timely resolution
• Expert in configuring routing protocols and documenting on Palo alto firewalls
• Develop scalable flow architecture for tunneling protocols mobility protocols high availability solution for Stateful Failover
• Experience & knowledge of Global protect VPN
• Product visionary ideas on the competitive edge Effective decision-maker take ownership and independently drive lead tasks and assignments
• Assess tools applications systems and infrastructures to ensure compliance security best practices and that established baselines are maintained
• Improve enterprise security architecture designing and implementing remediation technologies techniques and processes
• Monitor information security alerts and collaborate with other technical teams to respond triage and escalate as needed. Alerts include logs from firewalls IDS OS Antivirus databases web application firewalls and web servers.
• Audit the system environment and provide actionable information about risk discovery and create and maintain complex event alerts and summary reports
  
  

Network security infrastructure (Illumio Micro / Nano Segmentation Forescout NAC Zscaler)

• Planning and designing reliable powerful and flexible security architectures for Security Technologies.
• In depth knowledge and hands on experience in handling and troubleshooting network setup with Network access control solutions like Cisco ISE Forescout etc.
• Familiarity with network-centric applications such as TACACS RADIUS and Syslog would be advantageous as would experience of 802.1x network authentication.
• Experience in documenting Forescout operations configurations and changes
• Apply technical expertise in implementing efficiencies and creating strategies to better detect and respond to cyber incidents by prioritizing mitigation actions.
• Understand the Traffic Flows for both Https (web Traffic) standard and custom application-based traffic and accordingly design solutions around it for Firewalling and Proxy services.
• Whitelisting IP space for various Project teams to access external vendors to ensure safe and secure connectivity.
• Coordinates activities with other system areas and vendors and deals with network security systems planning upgrading monitoring testing and servicing.
• Experience analyzing application traffic flows to develop firewall security policies
• In-depth knowledge of application ports/protocols and application characteristics at packet level
• Experience developing firewall security policies
• Ability to troubleshoot application security policies.
• Expertise level required with Illumio Core PCE VENs workloads and labeling strategy and troubleshooting
  
  

AWS Cloud Networking

• Good understanding of AWS cloud networking components and experience with configuration and troubleshooting for AWS cloud environments.
• In-depth understanding of AWS Networking components/services like VPC virtual gateway Route53 Direct Connect Gateway transit VPC transit gateway lambda endpoints load balancers.
• Expertise with AWS WAF AWS Load balancers for deployment and troubleshooting
• Experience in using and configuring a SIEM dashboard for use in monitoring a Web Application Firewall (WAF).
• Experience deploying and configuring a WAF.
• Knowledge of common OWASP Top Ten Web Application and API vulnerabilities and the ability to explain them to non-technical or non-security-oriented team members.
• Experience troubleshooting common AWS WAF deployment issues.
• Background working in a complex network architecture DNS and CDN components.

Preferred Skill

• Palo Alto Panorama Prisma Cloud
• Zscaler ZIA Zscaler ZPA solutions
• Forescout and Illumio
• AWS WAF Imperva WAF and Load balancer solutions

• Uphold the firms code of ethics and business conduct.

Professional and Educational Background

• Bachelors Degree Preferred.

Education (if blank degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank certifications not specified)

Required Skills

Optional Skills

Accepting Feedback Accepting Feedback Active Listening Amazon Web Services (AWS) Azure Data Factory Communication Compliance Safety Accountability (CSA) Computer Network Defense Cybersecurity Cybersecurity Framework Cybersecurity Requirements Emotional Regulation Empathy Encryption Technologies Forensic Investigation Incident Response Tool Inclusion Intellectual Curiosity Java (Programming Language) Optimism Security Architecture Security Consulting Security Control Security Engineering Security Framework Management 9 more

Desired Languages (If blank desired languages not specified)

Travel Requirements

0%

Available for Work Visa Sponsorship

No

Government Clearance Required

No

Job Posting End Date