Network and Security Engineer - New York - Natixis Corporate & Investment Banking

Description

Natixis CIB is seeking a dynamic and experienced Vice President of Network Security to lead and enhance our network security infrastructure across the AMER region. This strategic leadership role requires a deep technical understanding of network security and the ability to drive initiatives that protect our systems while mentoring a talented engineering team.

The job responsibilities include, but are not limited, to the following:

• Infrastructure Oversight: Lead the design and administration of Natixis CIB AMER's network security infrastructure, focusing on critical components including DNS, F5 Load Balancers, Fortinet and Palo Alto firewalls, VPNs, proxies, Remote Access and DMZ connectivity.
• Technology Initiatives: Drive technology projects aimed at enhancing cybersecurity and improving network performance in alignment with organizational goals.
• Continuous Monitoring: Ensure optimal network performance through continuous monitoring, dashboard creation, promptly addressing any security incidents.
• Documentation Management: Maintain comprehensive documentation, including network security asset inventories, diagrams, procedures and vendor contacts, to support operational efficiency and facilitate effective communication.
• Cross-Department Collaboration: Collaborate with infrastructure teams to resolve network-related challenges and ensure seamless operations across departments.
• Audit and Security Coordination: Work closely with audit and IT Security teams in both AMER and BPCE-IT to provide necessary documentation and implement remediation plans as required.
• Staff Mentorship and Training: Mentor and train junior engineering staff, fostering a culture of growth and skill development within the network team.
• Vulnerability Assessments: Conduct vulnerability assessments and manage patching processes to effectively mitigate and report security risks across the AMER region.
• Security Reporting: Develop and deliver regular security reports to Leadership, highlighting key metrics, incidents, and trends to inform strategic decision-making.
• LOD1 Security Management: Manage Line of Defense 1 (LOD1) network security controls and request as specified by the IT Risk Department.
• Strategy Alignment: Coordinate with AMER and Head Office IT Security teams to assure alignment on security strategies and policies.
• Tool Proficiency: Profiecent knowledge of security tools such as SIEM, Splunk, Centreon and Qualys for effective monitoring and incident response.
• Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field; Master's preferred.
• 6+ years of hands-on experience in network security management, preferably within the financial services industry.
• Extensive experience managing Cisco Firepower, Fortinet and Palo Alto firewalls, including DMZ design implementation.
• Relevant certifications such as Fortinet NSE 4/5, Palo Alto Networks Certified Network Security Engineer (PCNSE), Cisco CCNP Enterprise and CCNP Security is a plus. Highly desirable CISSP, CISM.
• Strong project management and leadership experience.
• Excellent communication and problem-solving skills, with a focus on collaboration and teamwork.
• Extensive understanding of network technologies – L2, L3, VXLAN, BGP, LAN/WAN/VPN
• Extensive understanding of security technologies such as firewall, load balancing, proxy, authentication methods
• Strong knowledge of DNS/DHCPWSG (Web Security Gateways), Proxy-pac scripting
• Troubleshooting knowledge of network and security systems with minimal guidance is required.
• OSI Layer 4 and Layer 7 protocol analysis and troubleshooting experience is required.
• Excellent oral and written communication and documentation skills are essential.
• Ideal candidate must have a strong understanding of Zero Trust Architecture and Network Access Control design for enterprise network infrastructure design, and troubleshooting.
• Among these technologies, knowledge of Arista and Cisco design, configuration and automation is a definite plus
• Knowledge of scripting languages such as Python, PoweShell, or Ansible.
• The individual will need to be very organized, flexible, results oriented and able to multi-task to meet the demands of our dynamic environment
• The candidate should be a self-starter, be able to work with minimal supervision, properly and effectively report project/work status to management and peers, take full ownership and responsibility of the tasks assigned to her/him and work them through completion.
• The candidate should be able to demonstrate both technical capabilities and in-depth knowledge of various security and network concepts, technologies, and best practices
• The candidate should have the ability to convey in non-technical terms complex technical explanations related to problems, designs, etc.
• Knowledge of Ansible Scripting is a plus
• Knowledge of micro segmentation tools such as Illumio or VM Ware NSX is a plus

Natixis is an equal opportunity employer, committed to a workplace free of discrimination. Natixis will not tolerate any form of discrimination based on age, color, mental or physical handicap or disability, pregnancy, marital status, sexual orientation, national origin, alienage, ancestry or citizenship status, race, religion, sex (including sex stereotyping, gender identity, gender expression or transgender status), veteran status, creed, genetic information or carrier status, or any other protected characteristic as established by law.

Respect for all means that we deal with each person as an individual and not as a member of any group. All qualified applicants will receive consideration for employment. Management is expected to provide leadership in supporting the firms EEO program by taking steps to promote EEO in all facets of employment including recruitment, hiring, retention, promotion, performance assessment, and career-development opportunities.

The salary range for the VP position will be between $150,000 - $180,000. Natixis is required by law to include a reasonable estimate of the compensation range for this role. Actual base salary will vary and will be based on several factors including, but not limited to, relevant experience, education, skills set, applicable licensure and certifications, and other business and organizational needs. Base salary is only one component of our total rewards package. Natixis also offers a generous benefits package, and you may be eligible for a discretionary incentive award depending on company and individual performance.