Job Objectives:
To maintain and secure IS/IT Network Technologies ensuring their maximum availability, integrity, reliability, and confidentiality to deliver and support secure & cost-effective infrastructure for client/server services. Qatalum Network Infrastructure is based on the latest Cisco and Hirshman, technologies and products. Qatalum also consists of software and hardware from popular vendors including but not limited to F5, Palo alto, F5, FireEye and others
Job Description:
- Design, operate, maintain, secure and support industry-leading network infrastructure, processes, and practices to ensure defense in depth approach and ensure services availability, integrity, confidentiality, and reliability.
- Maintain and harden plant wide wired and wireless network infrastructure including Cisco ACI and Hirschman technologies.
- Design, implement, operate, and support network security controls including but not limited to, NextGen firewalls, web application firewall, network sandbox, malware protection, NAC, IPS, and VPN technology in line with Qatalum’s security architecture, guidelines, and compliance requirements.
- Work in close coordination with the systems team to support infrastructure services including Active Directory, DNS, DHCP, endpoint security, application delivery, PKI, and remote connectivity.
- Implement and maintain reference architecture for on premise and cloud deployments to ensure secure landing zone, micro segmentation, zoning, access management and security controls across all workloads.
- Manage routine operation, configuration, troubleshooting and policy fine tuning of network and system security controls and solutions.
- Responsible for timely remediation of reported and assigned vulnerabilities ensuring adherence to change management process and remediation timelines to reduce threat footprint and comply with department KPIs.
- Plan, conduct and report periodic preventive maintenance, upgrades, threat intelligence updates, patching and health checks of the infrastructure security controls to ensure maximum performance, security, and availability.
- Ensure proactive monitoring for availability, fault, and capacity management to ensure scalability and plan for resource/license availability to meet business demands.
- Participate in business continuity and DR design, implementation and test activities, continuous improvement of DR plans, define and maintain BC/DR SOPs, execution of DR plan during declared state of emergency to ensure business resilience within SLA.
- Responsible to liaise with SOC to ensure proper and effective integration of security controls for continuous security and event monitoring and to support escalated incidents.
- Provide 2nd level of support for all major information security incident response, management and investigation in corporate network, cloud infrastructure, data centre, and plant wide computer rooms.
- Recommends improvements to the secure reference architecture through continuous review and assessment of the IT and OT infrastructure security requirements, policies and procedures based on secure practices, compliance, and business needs.
- Perform any other related duties or assignments as directed.
- Active member of the 24*7 IT standby/on-call to provide support in order to ensure maximum availability, reliability and security.
The above statements are intended to describe the general nature and level of the work to be performed. This is not an exhaustive list of all duties and responsibilities. Qatalum’s Management reserves the right to amend and change responsibilities to meet business and organizational needs as necessary.
Minimum Qualification Required
- Bachelor's degree in an IT related discipline
- Relevant Certifications from Cisco (CCIE preferred) and other network security technologies.
Required experience
- 7+ years' experience in a similar role handling large IT and OT infrastructures
Job Specific Skills
- Certifications in Network Infrastructure and Security Domains
- Experienced with (or equivalent) the following regulations & frameworks: PCI, ITIL and ISOIIEC 2700x
- Experienced in Cisco ACI infrastructure
- Hands on experience in infrastructure and security systems, including Cisco, Hirshman, F5, Palo alto, FireEye systems and products, Cloud technologies, HCI, etc.
- Experienced in routing and switching technologies, including but not limited to, RIP, OSPF, BGP, STP, RSTP, MST, LACP, PAGP
- Experienced in VPN technologies
- Experience with systems, security, and network monitoring tools
- Thorough understanding of the latest security principles, techniques, and protocols.
- Experienced with Automation and digitalization techniques to deploy and support services efficiently.
- Intermediate Knowledge of: Server OS & infrastructure technologies and IP Telephony and Radio Technologies
- Problem solving skills and ability to work under pressure
- Understanding of Regulatory Compliance, Risk Management, Privacy
- Understanding of current and emerging technologies
- Fluent written and spoken English
