Cybersecurity-CD&E-Network Security Firewall - Senior Associate - Bangalore

Line of Service

Advisory

Industry/Sector

Not Applicable

Specialism

Cybersecurity & Privacy

Management Level

Senior Associate

Job Description & Summary

A career in our Cybersecurity, Privacy and Forensics will provide you the opportunity to solve our clients most critical business and data protection related challenges. You will be part of a growing team driving strategic programs, data analytics, innovation, deals, cyber resilency, response, and technical implementation activities. You will have access to not only the top Cybersecurity, Privacy and Forensics professionals at PwC, but at our clients and industry analysts across the globe.

The Network Security team collaborates with our clients to architect, design, and implement security solutions to protect a modern network. This includes strategy through execution across components such as Zero Trust architecture, network segmentation (macro and micro), network perimeter protection, cloud security, remote access, and network connectivity.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Senior Associate, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

• Use feedback and reflection to develop self awareness, personal strengths and address development areas.
• Delegate to others to provide stretch opportunities, coaching them to deliver results.
• Demonstrate critical thinking and the ability to bring order to unstructured problems.
• Use a broad range of tools and techniques to extract insights from current industry or sector trends.
• Review your work and that of others for quality, accuracy and relevance.
• Know how and when to use tools available for a given situation and can explain the reasons for this choice.
• Seek and embrace opportunities which give exposure to different situations, environments and perspectives.
• Use straightforward communication, in a structured way, when influencing and connecting with others.
• Able to read situations and modify behavior to build quality relationships.

Year of Experience

4-8 years

Position Requirements

• Candidate with 4-8 year of experience in working in operations/managed services.
• Having experience of multi cloud infrastructure solution such as Azure & AWS
• Carrying out deployment, maintenance, monitoring, and management tasks
• Demonstrable previous experience of implementing and supporting large-scale IT Infrastructure environment or large Business.
• Strong technical knowledge on Microsoft, Network & Cloud technology, along with leadership and communication skills, to improve the delivery of services. Communicating effectively to all stakeholders on a regular basis.
• A practical understanding of gathering business requirements & scoping relevant solutions.
• Use resources to best advantage, by collaborative working with all Team Leaders.
• Setting the behavioral & performance standards. Energizing your team.
• Deal positively with change & uncertainty.
• To work on projects and initiatives as directed by the IT Services to support changes or opportunities in wider business
• Excellent written communications skills sufficient to write reports and business correspondence in a professional manner.
• Ability to verbally present complex concepts and technical information to a non-technical audience in a clear and concise fashion.
• Strong interpersonal skills sufficient to conduct business with others in a diplomatic, professional manner.
• Ability to manage multiple projects and successfully handle multiple tasks.
• Preferred Skills/Technical Competencies: Strong technical experience on Palo Alto, Cloud Security, Cloud platforms, NAC (Network Access Control)

Preferred Knowledge

Web Application Firewall

• Create, deploy, maintain, and troubleshoot WAF policies for new and existing web applications
• Configure and manage WAF configuration for cloud / On-Premises WAF solutions
• Review vulnerabilities that impact web applications and develop WAF “Virtual Patching” solutions
• Monitor and analyze activity logs to detect malicious internet traffic and indicators of compromise as well as to reduce false positive blocks
• Review WAF usage and define means to improve and mature protection policies
• Understand web applications at a sufficient level to work with developers to implement protective controls that may need to be customized for specific applications
• Interpret web protocol information to determine source, intent, and risk of threat agents
• Provide preventative maintenance, troubleshooting and quickly resolve problems to ensure infrastructure and application stability
• Participate in technical design activities to ensure a sound design and any infrastructure impact is understood
• Create and maintain technical documentation regarding the WAF infrastructure including network diagrams, policies and operational procedures for managing the infrastructure.
• Work closely with Development, QA, Operations, InfoSec, and design engineers to ensure security requirements are met and web-applications are adequately protected from cyber-attacks
• Review vulnerability scan output and assess where WAF configuration can be used to mitigate attacks.
• Basic understanding of data flow technologies such as routing, NAT, ARP and associated command line tools such as tcpdump
• Awareness of mainstream operating systems and a wide range of security technologies including network firewall, IPS, and web proxy.
• Build and enhance our proven security platform.
• Blend innovation and speed in a constantly evolving cloud architecture.
• Analyze new threats and offer deep insight through data-driven intel.
• Collaborate with customers to help solve their toughest security challenges.

Palo Alto and Prisma Cloud Technologies

• Experience in planning, configuration, and deployment of PA Firewalls
• Expert in troubleshooting, implementing, and configuring Panorama, Palo Alto firewalls
• Analyzing the current Palo alto and Prisma environment and providing recommendations and implementation plans to upgrade the code, App-ID.
• Health Monitoring, Attack vector monitoring, Indicators of Compromise monitoring and blocking, Dynamic ACL monitoring and blocking
• Configuring Panorama and managing the firewalls using Panorama
• Configuring and troubleshooting Prisma cloud solutions like DLP, SASE, CASB, SSPM modules 
• Familiar with Device groups & Templates, pre-rules, post rules & security profiles, the centralized push of security policies
• VPN: Good knowledge on SSL VPN, IPSEC, Remote Access VPN, GRE over IPSEC VPN
• Responsible for development of Palo alto NextGen Network Security Components and Protocols for State-of-the-art firewalls deployed at Enterprise, Data Center, Cloud, and Service Provider environments
• Palo Alto Firewall threat updates on periodic basis
• Incident management, Change Management for different severity levels and following escalation matrix for ensuring SLA adherence
• P1, P2 and P3 incidents monitoring and coordination with stakeholders for timely resolution
• Expert in configuring routing protocols and documenting on Palo alto firewalls
• Develop scalable flow architecture for tunneling protocols, mobility protocols, high availability solution for Stateful Failover
• Experience & knowledge of Global protect VPN
• Product visionary, ideas on the competitive edge, Effective decision-maker, take ownership and independently drive, lead tasks and assignments
• Assess tools, applications, systems, and infrastructures to ensure compliance security best practices, and that established baselines are maintained,
• Improve enterprise security architecture, designing and implementing remediation technologies, techniques, and processes
• Monitor information security alerts and collaborate with other technical teams to respond, triage, and escalate as needed. Alerts include logs from firewalls, IDS, OS, Antivirus, databases, web application firewalls, and web servers.
• Audit the system environment and provide actionable information about risk discovery and create and maintain complex event alerts and summary reports
   

Network security infrastructure (Illumio Micro / Nano Segmentation, Forescout NAC, Zscaler)

• Planning and designing reliable, powerful, and flexible security architectures for Security Technologies.
• In depth knowledge and hands on experience in handling and troubleshooting network setup with Network access control solutions like Cisco ISE, Forescout etc.
• Familiarity with network-centric applications such as TACACS, RADIUS, and Syslog would be advantageous, as would experience of 802.1x network authentication.
• Experience in documenting Forescout operations, configurations and changes
• Apply technical expertise in implementing efficiencies and creating strategies to better detect and respond to cyber incidents by prioritizing mitigation actions.
• Understand the Traffic Flows for both Https (web Traffic) standard and custom application-based traffic and accordingly design solutions around it for Firewalling and Proxy services.
• Whitelisting IP space for various Project teams to access external vendors to ensure safe and secure connectivity.
• Coordinates activities with other system areas and vendors, and deals with network security systems planning, upgrading, monitoring, testing and servicing.
• Experience analyzing application traffic flows to develop firewall security policies
• In-depth knowledge of application ports/protocols and application characteristics at packet level
• Experience developing firewall security policies
• Ability to troubleshoot application security policies.
• Expertise level required with Illumio Core, PCE, VENs, workloads and labeling strategy and troubleshooting
   

AWS Cloud Networking

• Good understanding of AWS cloud networking components and experience with configuration and troubleshooting for AWS cloud environments.
• In-depth understanding of AWS Networking components/services like VPC, virtual gateway, Route53, Direct Connect Gateway, transit VPC, transit gateway, lambda, endpoints, load balancers.
• Expertise with AWS WAF, AWS Load balancers for deployment and troubleshooting
• Experience in using and configuring a SIEM dashboard for use in monitoring a Web Application Firewall (WAF).
• Experience deploying and configuring a WAF.
• Knowledge of common OWASP Top Ten Web Application and API vulnerabilities, and the ability to explain them to non-technical or non-security-oriented team members.
• Experience troubleshooting common AWS WAF deployment issues.
• Background working in a complex network architecture, DNS, and CDN components.

Preferred Skill

• Palo Alto, Panorama, Prisma Cloud,
• Zscaler ZIA, Zscaler ZPA solutions
• Forescout and Illumio
• AWS WAF, Imperva WAF and Load balancer solutions

• Uphold the firm's code of ethics and business conduct.

Professional and Educational Background

• Bachelor's Degree Preferred.

Education (if blank, degree and/or field of study not specified)

Degrees/Field of Study required:

Degrees/Field of Study preferred:

Certifications (if blank, certifications not specified)

Required Skills

Optional Skills

Desired Languages (If blank, desired languages not specified)

Travel Requirements

0%

Available for Work Visa Sponsorship?

No

Government Clearance Required?

No

Job Posting End Date