SECURITY LEAD

Job Description

• Fortigate/Juniper/Soniwall Firewall
• Cisco ACS
• Cisco ISE
• Juniper/Dell VPN box
• Deliverables:
• Security Services
• Service support and delivery of standard/approved devices and associated components.
• a) Installation/configuration of Security Devices and Operations
• (1) Installing new security devices, for branches the basic installation to be done by respective vendor and remote access will be given to IMS team.
• (2) Configuring devices as per the JSFB Operational Security guidelines.
• (3) Conduct operations in accordance with ISO20K standards.
• (b) Monitoring
• (1) Monitor all security devices for availability and performance of devices and components.
• (2) Monitor alerts/logs pertaining to various UTM features-AV, IPs, etc.
• (c) Performance Management
• (1) Analyse device performance and proactively undertake steps to maintain/improve device performance.
• (d) Backup and Recovery
• (1) Maintain configurations of all Security devices.
• (2) Undertake periodic tape readability and restoration onto test devices to check usability of the backed-up configurations.
• (e) Patching of Security Devices
• (1) Undertake regular upgrades on all security devices as per the defined cycle in the JSFB Operation Security Guidelines.
• (2) Apply critical patches on security devices when applicable.
• (f) HA Readiness
• (1) Undertake regular failover-fallback tests where dual devices are available to ascertain HA readiness.
• (h) Audit and Compliance
• (1) Prepare and undergo various internal and external as may be applicable from time to time.
• (i) Internet & Public DNS&IP Management
• (j) Automation
• (1) Identify opportunities for automation of various security management tasks.
• (2) Automate management tasks and maintain the automation tools/scripts.
• (k) SIP
• (1) Identify various SIPs towards continual improvement of reliability and/or performance of security devices.
• (2) Execute various SIP programs in a timely manner as per the plan.
• (l) Capacity Management
• (1) Forecast and provide for future growth basis current increase in utilization and inputs from other IT teams.
• BAU Security
• Security Service support and delivery for Infrastructure systems, End users, auditors, management etc.
• 1) Work with JSFB security team to deliver user awareness during cyber security threats
• (2) Any other not listed would in line with JSFB standards / Regulation / International standards based on evolving cyber threat landscape.
• (3) Deploy Cyber aware resources to support general end user computing staff
• (4) ensure any backup / archival requirement is compiled and it is in line with JSFB / Regulatory requirements
• Asset Management
• (1) Always have update and accurate Asset information of elements of DC and DR
• (2) provide necessary details during audit at shortest possible time
• (3) any loss or misuse of assets should be notified to JSFB IT Security team at earliest and support during any investigation of elements of DC and DR
• SOC Alerts
• (1) Work on all SOC alerts and ensure incidents are resolved at earliest to reduce risk of larger exposure to bank
• (2) Develop a lesson learnt from various incident and include it part of process improvement plan and roll it to all end user computing and servers / s devices / handheld etc.
• (3) Password changes should be followed with predefined process
• (4) Support audit requirements
• (f) Backup and Recovery
• (1) Management of backup copies on storage media.
• (2) Recovery of system setup from stored backup.
• (3) Encrypt all tapes and ensure key is managed as per key management process
• (g) Patching and VA
• (1) Apply all applicable operational and security patches on the systems.
• (2) Monitor patch compliance to the JSFB patch calendar and report on periodic basis.
• (3) Conduct regular Vulnerability scan to identified issues and resolve them within defined timelines (4) any exception should be brought to notice of JSFB IT Security team
• (h) Risk Assessment
• (1) conduct twice a year risk assessment of all / application / servers and share report with JSFB IT security team
• (2) conduct once a year risk assessment of end user computing and share the report with JSFB IT Security team
• (i) Self-assessment
• (1) Deploy a team of auditors to conduct twice a year self-assessment of all technical controls and any observation is fixed within agreed timelines. At all times JSFB IT Security team advice and approval should be taken. All reports shared with JSFB teams.

Keyskills :
checkpointfortigate