EY Perimeter Security Infrastructure Engineer (HAT:1697) in Argentina

Perimeter Security Infrastructure Engineer (HAT:1697)

Core Business Services

Requisition # ARG001OE

Post Date Aug 21, 2018

Job Summary:

Highly skilled tasks [including project management] within the Cloud Secure team, part of the Network Services group, you will be working in a team responsible for the design, engineering, implementation, documentation and service management of perimeter security services inside Ernst & Young cloud environments. These services will be handed over to Perimeter Security Operations teams once all relevant documentation is provided. Additionally you will be working closely with the On-Premises Perimeter Security team and also provide consulting services to other teams, as well as acting as a level four escalation for the Operations teams for complex issues.

Essential Functions of the Job:

  • Technical Competence

  • Lead the development of technical solutions and offerings for network services across the global Ernst & Young environment. These services are standards based, inherently secure, innovative and aligned to business requirements.

  • Translate business needs into technical requirements. Identify gaps, strategic impacts, financial impacts and the risk profile in the technical solution or offering, and provides L4 escalation support.

  • Create designs based on industry best practices, sound solid engineering principles incorporating both local and global requirements while clearly understanding that one size does not fit all.

  • Provide sponsorship and lead technical delivery for projects, programs and initiatives with a focus on fiscal responsibility while delivering on time, in scope and on budget.

  • Handle complex long-term and short-term focused projects involving multiple disciplines or business units. Provide leadership and direction to high priority or special projects undertaken by the business area.

  • Provide high-level specialized technical support and consultation to business and IT management.

  • Provide technology expertise for all facets of perimeter based security to enhance quality and facilitate superior solutions which meet business requirements.

  • Work with the portfolio and service delivery teams to provide consultancy expertise towards developing Business Case and Order of Magnitude Estimates prior to project kick-off.

  • Provide project management and guidance as required during smaller scale initiatives.

  • Collaborate with appropriate teams to create and gain approval on global technology standards and reference architectures on an ongoing basis.

  • Develop and maintain documentation for configuration guidelines and templates.

  • Research and keep abreast of industry trends and new technology offerings by maintaining engineering relationships with strategic vendors to ensure our technology landscape, reference architectures, designs and configuration standards stays current.

  • Drive and complete technical deliverables and documentation on assigned projects.

  • Build technology solutions following all relevant EY standards and practices.

  • Provide technical knowledge as input into Standards creation and update on an ongoing basis as products and technologies evolve.

  • Working with the Perimeter Security Operations teams to ensure a smooth transition of new solutions into the production environment

  • Administration

  • Maintain responsibility for individual resource utilisation whilst working on projects, meeting defined capacity models and providing regular utilisation reporting.

  • Working to ensure projects are resourced correctly and from this that they meet deadlines and budgets.

  • Ensure compliance to key performance indicators (KPIs), suggesting changes where necessary to promote efficiencies in the IT Service processes and procedures.

  • Ensure full and correct time capture on a weekly basis for all project and administration work to allow effective top level reporting.

  • Client/Team Relationships

  • IT Services GIS Technology Domains

  • IT Services management team

  • Service delivery staff (Project Managers)

  • Regional Network Domain leaders and staff

  • Operations leaders and staff

  • Strategy & Architecture Team

  • External vendors and suppliers

  • Key business stakeholders

  • Team player with the ability to lead a small project team when required and also the ability to work independently

  • Exhibits Global Diversity Awareness

  • Must be able to effectively interact with other IT Services professionals regardless of location.

Analytical/Decision Making Responsibilities:

  • Strong and in depth analytical and problem-solving skills

  • Able to make technical decisions in support of Architecture, Strategy, Service Management and Operations functions within the project and escalated troubleshooting contexts

  • Strong organizational skills, self-motivated and able to work to tight deadlines

  • Strong work ethic with the ability to work without direct supervision on a daily basis.

  • Ability to provide Technical leadership in the team, and mentor other members as necessary.

Knowledge and Skills Requirements:

  • Advanced skills in planning, designing and troubleshooting complex security environments

  • Extensive experience in designing and implementing perimeter security solutions including:

  • Check Point firewall environments – including GAIA [appliance and Open Server based], vSEC and Provider-1

  • Secure Web Gateway solutions from Blue Coat, including Malware detection, SSL interception and URL filtering

  • Microsoft Azure & Amazon Web Services workload protection techniques such as micro-segmentation, perimeter protection NVAs - including WAF, SSL Interception and network visibility/threat protection.

  • Cisco routing and switching technologies – including converged.

  • SonicWALL or similar remote access technologies

  • Good Working knowledge of

  • Wireless LAN security concepts, including wireless Guest Access solutions.

  • DNS, DHCP and Active Directory environments.

  • LAN/WAN networking technologies and how they interact with technical security infrastructure.

  • Modern automation tools such as; Puppet, Ansible and DevOps

  • Cloud technologies, practices and methods

  • Desire to learn and adapt new skills, especially cloud and SD-WAN technologies, to enhance and simplify Perimeter security within EY

  • Strong ability to document processes, procedures and security designs clearly and accurately for distribution to internal teams and customers.

  • Understanding of other technologies required to run an enterprise level infrastructure

  • Knowledge and operational understanding of technologies used for building cloud services, Linux, OpenStack, containers, REST API, JSON-RPC, Virtualization, and Databases especially as it relates to Cloud Service Providers, Private Clouds and Datacentre infrastructure.

  • Proficiency on Linux and one or more scripting languages (Python, Perl, TCL, Shell) with focus on networking. (Python experience is a plus)

  • Knowledge of DevOps fundamentals including automation frameworks such as Ansible, Puppet & Chef

  • Substantial, extensive and demonstrated experience in various aspects of technology infrastructure design and implementation, with tangible, relevant and demonstrated experience in delivering projects within scope and budget.

  • Experience in a high-volume or critical production service environment.

  • Demonstrated experience in dealing with external vendors and suppliers in the network industry.

  • Demonstrated skills in developing actionable roadmaps and implementing these efficiently,

  • Good understanding of key performance indicators relevant for the role.

  • An overall understanding of the business objectives of Service Lines and Core Business Services departments.

  • IT service delivery, direct business engagement, and multiple technology domains

  • Work with the ITIL methodology in the area of process engineering

  • Exposure to network troubleshooting tools such as Wireshark, tcpdump etc and the ability to interpret their output.

  • Demonstrated experience in dealing with external vendors and suppliers in the security industry

Supervision Responsibilities:

  • No direct supervision responsibilities although expectation of technical leadership within the projects assigned.

  • Mentoring and guidance to more junior team members.

Other Requirements:

  • Flexibility to adjust to multiple demands, shifting priorities and rapid change

  • Ability to deal efficiently with escalations and difficult situations/people under pressure

  • High level of interpersonal, communication, organizational and decision-making skills

  • Ability to effectively and energetically present technology and business propositions to customers, peers, and management

  • Ability to understand and integrate cultural differences and motives and to work in virtual cross-cultural, cross-border teams

  • English language skills - excellent written and verbal communication

  • Due to the global team/organization calls and meetings out of regular office hours will occur

  • Travel may be required to guide implementations or meet with vendors and contractors supporting various projects

  • Weekend or late night work may occur.


  • A Bachelor’s degree in Computer Science or related discipline, or equivalent work experience required


  • Extensive and demonstrable experience in various aspects of Security technology infrastructure design and implementation, with experience in delivering projects within scope and budget

  • Minimum 5 years in an engineering function.

Certification Requirements:

  • Desirable: Security related Professional qualifications [CISSP, CISM, GIAC etc.], Check Point and Blue Coat accredited qualifications. ITIL Foundation