Job #: 816
Title: Bluecoat Proxy Engineer
seeking to add an experienced Bluecoat ProxySG subject matter expert to our Web Engineering team for a Data Leakage Prevention (DLP) project. This team is responsible for engineering, integrating and hosting web infrastructure on which thousands of web applications run ? delivered to both internal and external clients . The engineer will act as a subject matter expert for web security. In particular, designing and delivering robust, effective solutions covering our internet perimeter and external content delivery network providers.
Responsibilities Include:- Testing, architecting, integrating and deploying Bluecoat ProxySG appliances with leading DLP vendors (e.g. – Vontu, Symantec, etc)- Collaborating with lead engineers responsible for web and application servers, load-balancers and web authentication infrastructure,- Working with colleagues in the wider organization who own networks, logging, application architecture and other complementary technologies.- Drive determination and implementation of security best practice in our web platforms and infrastructure- Research into vendor and open source solutions in the web security space, and determination of their place in our overall solution- Interfacing with technical contacts at external vendor providers and other internal teams to ensure a holistic solution is delivered and enhanced- Training operations personnel, application support groups and other engineers in tools, technologies and procedures- Be a key player in / leader of response to cyber-attacks on the firm’s web infrastructure should they occur
Skills Required- Extremely Deep Bluecoat ProxySG Appliance experience required; must know advanced CPL writing, proxy debugging and SSL interception capabilities- Minimum 5-7 year’s hands-on progressive experience with building, managing and deploying more than 50 devices in a highly heterogeneous environment- Hands-on DLP experience integration with Bluecoat proxies- Practical and theoretical knowledge of web and web application server components such as IIS, Apache, Tomcat, Websphere, !JBoss, etc…- Malware/exploit exposure vectors (Malvertising, hidden frames, XSS/XSRF, etc) and anti-malware/exploit tactics and strategies- Deep Linux Experience; must know bother userland *and* adminstrative roles and tasks- In-depth Load Balancer knowledge revolving around how they work, various deployment models and how they’re used in proxied environments- Expert knowledge of web security concepts and cyber attack vectors covering network through application layers- Incredibly profound understanding of the protocols underpinning the web – TCP/IP, HTTP, SSL/TLS etc… Must be able to intelligently dissect and discuss all 7 layers of the OSI stack- Experience working in DMZ environments with good understanding of hardware load-balancing, firewalls, multi-tiered architectures.
Bonus Skills:- Hands-on F5/A10 load balancer knowledge- Velocity programming experience- Linux hands-on system administration (RHEL) knowledge- Practical knowledge of Web Application Firewall (WAF) configuration- CISSP or similar recognised cyber security qualifications- Experience with configuration and use of content delivery networks (Akamai, Cloudflare, etc)- Development experience in Perl or Java is a plus- Experience operating in large, siloed enterprise environments- Experience with monitoring strategies to detect and mitigation approaches to remedy (D)DoS attacks