AVP / Senior Associate, WAN Engineer, Technology Services, Technology and Operations
Group Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Bank's operational processes and inspire to delight our business partners through our multiple banking delivery channels. Responsibilities
Management of network daily activities; incident and problem management; security incident responses and management. Responsible to work with respective DC and CUS teams' members on the review of network architecture and design, trouble-shooting, as well to work on the replacement of old or low capacity network system or devices, e.g. firewalls, DNS, Server and Traffic Load Balancers, switches, and routers. Responsible to work with the respective server and application teams' members in trouble-shooting and identify root cause, related to network. Responsible to work with the respective network vendors' support teams for the trouble-shooting, identification and resolution of network problems. Responsible for network devices, as well as appliances, vulnerability review and assessment. Responsible for network devices, as well as appliances, change implementation review and assessment. Responsible to conduct post implementation review on areas of improvement and tuning. Responsible to conduct and train Level 1 engineers, i.e. to empower and equipped the L1 engineers with the knowledge to run and maintain both the DC and campus networks Gather user' hosting requirement, do product research, if necessary, of users' products, do network assessment and advice various teams for network related requirements. Administration and management (technical operations) of Proxy Infrastructure across Bank. Evaluate and upgrade Proxy Appliance and related firmware. Evaluate and deploy various open source proxy softwares like Squid and HAProxy in best possible ways. Deploy, configure and manage DNS and DHCP servers as per requirements. Deploy, configure and manage F5 GTM and LTMs across Network Infrastructure. Deploy, configure and manage Network Authentication Servers like Cisco ACS, Vasco servers to manage TACACS+ and Radius authentications Coordinate with information security governance team to align IT infrastructure with established standards. Ensure system compliance with all established information security policies Perform period health check , security analysis and tuning of Proxy and DNS Servers. Perform technical assessment of any non-well defined or complex Proxy and DNS change requests prior to implementation. Perform regular review of Proxy rules and settings and recommend necessary optimization actions Assist Level 1 Support Engineers during problem determination and resolution whenever necessary. Advanced troubleshooting production problems with RCA and fault diagnosis Performance and historical trend analysis. Design and monitor operations metrics on a monthly basis to keep track of device utilization. Capacity management of Proxy, F5 GTM/LTM and DNS Servers. Explore more designs in Proxy to enhance functionality and usage of existing servers. Hands on experience in Network Monitoring servers like Solarwinds, Nagios, Netbrain, etc. Develop processes for improving operational efficiencies, as well as identifies/implements automation tools for existing manual processes. Prepare technical reports, memoranda, and instructional manuals as documentation of network design and operational requirements. Ready to work in shifts including public holidays Ready to be on call for 24x7 support during shifts Requirements
The person should have 8 to 10 years of network engineer experience with the following skills and competencies:
- Experience in network design and support
- Experience with Bluecoat Proxy design and support.
- Experience with Infoblox DNS, DHCP and NTP servers design and support.
- Experience with F5 and Brocade Load balancers design and support.
- Experience in Radware Link controllers and Load balancers.
- Experience in managing authentication servers like Cisco ACS and Vasco Radius servers.
- Experience with Cisco and Arista Switches.
- Knowledge and experience in design, build and trouble-shooting issues with secure web gateway and SSL traffic issues.
- Knowledge and experience in employing and using various networking trace tools, i.e. Sniffer, Wireshark, riverbed net profiler, NetBrain, Gigamon and etc.
- Knowledge and experience in using network management systems, i.e SolarWinds, Nagios and etc.
- Pro-active, dynamic and with good analytical/conceptual thinking.
- Excellent English communication skills both written and verbal.
- Hands on expert level knowledge of routing, switching and other network
- Certifications such as CCNP or equivalent level in networking is an advantage.
- Prior experience within network engineering a bonus.
We offer a competitive salary and benefits package and the professional advantages of a dynamic environment that supports your development and recognises your achievements.