Web Security Specialist (Proxy Infrastructure)
Montreal, Quebec Canada
September 18th 2019
We are seeking to add an experienced Web Proxy subject matter expert to our Web Security Engineering team. The team is responsible for engineering, integrating and hosting web infrastructure on which thousands of web applications run.
The specialist will act as a subject matter expert for web security. In particular, designing and delivering robust, effective solutions covering our internet perimeter and external content delivery network providers.
Architecting, testing, integrating and deploying Web Proxy technologies with leading network DLP or Malware scanning solutions.
Collaborating with leads responsible for web and application servers, load-balancers and web authentication infrastructure
Working with colleague subject matter experts in the wider organization who administer networks, logging, application architecture, and other complementary technologies.
Drive determination and implementation of security best practice in our web platforms and infrastructure
Research into vendor and open source solutions in the web security space, and determination of their place in our overall solution
Interfacing with technical contacts at external vendor providers and other internal teams to ensure a holistic solution is delivered and enhanced
Training operations personnel, application support groups and other engineers in tools, technologies, and procedures.
Enterprise Technology & Services (ETS) delivers shared technology services for the Firm supporting all business applications and end-users. ETS provides capabilities for all stages of the Firm software development lifecycle, enabling productive coding, functional and integration testing, application releases, and ongoing monitoring and support for over 3,000 production applications.
ETS also delivers all workplace technologies (desktop, mobile, voice, video, productivity, intranet/internet) in integrated configurations that boost the personal productivity of our employees. Application and end-user services are delivered on a scalable, secure, and reliable infrastructure composed of seamlessly integrated data center, network, compute, cloud, storage, and database services.
Around 5 years of experience in a similar position
Moderate to Advanced proxy experience required including engineering of flows via proxy and client access for troubleshooting
Must know how to integrate external services with proxies via ICAP, proxy chaining, and service offloads, etc.
Moderate cloud security experience across at least a couple of the more cloud providers (Azure, O365, AWS, etc.)
Practical and theoretical knowledge of web malware and how it can get inside the network and mitigation strategies.
Light to moderate Linux Experience; must know at least standard user and roles and tasks- Expert knowledge of web security concepts and cyber-attack vectors covering network through application layers
Good understanding of the protocols underpinning the web - TCP/IP, HTTP, SSL/TLS, etc.
The ideal candidate would be able to intelligently dissect all 7 layers of the OSI stack
Experience working in DMZ environments with a good understanding of hardware load-balancing, firewalls, multi-tiered architectures.
Hands-on proxy knowledge; Bluecoat and Zscaler experience preferred
Hands-on CASB design, architecture, and deployment (SkyHigh, Symantec, etc.)
Programming/Scripting languages: Python, Perl, AngularJS?
Knowledge of Data Protection Practices (Data At Rest, In Use, In Motion, etc.) and their practical implementations
Practical knowledge of web malware, its propagation and mitigation strategies
CISSP or similar recognized cybersecurity qualifications
Experience operating in large, siloed enterprise environments
Job ID: A2526