Principal Network Security Engineer
About Northern Trust:
Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.
Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.
Role: Principal Network Security Engineer
Description of role and key responsibilities:
Reporting to the Director of Network Application Engineering, the Principal Network Security Engineer is seen as a technical expert in networking security. This is a technical, team lead, and hands-on role, with a primary focus on design and implementation of network security change; although you will be expected to support the network security operations team with complex troubleshooting of issues as required. You will have experience of working in high impact, mission critical environments, where service matters, and exceeding expectations is the norm. You have led critical projects, thrive in critical problem solving, and enjoy leading a team working on projects.
Key responsibilities:
- Defining and documenting Network Security Standards
- Creation of Low Level Design documents to meet requirements outlined in the High Level Design
- Creation of detailed Implementation Plans for all engineering related activity
- Procurement activities relating to build and delivery of new services (Project)
- Ensuring the smooth Transition/Handover to Operations in line with agreed Operational Acceptance Process
- Managing Technical Lifecycle Management for all Network & Communications services
- Supporting Architecture in creation and upkeep of a Delivery Roadmap for Network Security
- Supporting the Architecture in scoping activities required to produce the High Level Design
- Supporting Architecture in undertaking Proof of Concept activities
- Ensuring skillsets are relevant and up to date in order to deliver change and provide a high level of support
- Providing escalation support to Operations with complex troubleshooting of Major Incidents as required
- Provide on-call escalation support (rota basis) and work extended hours when required
Core Skills & Experience:
- A minimum 10+ years of hands-on experience of network security solutions within a global enterprise scale organization (5,000-50,000 users) with both traditional datacenters and Cloud.
- Considerable first-hand experience of design engineering and building resilient and scalable security solutions, ideally within finance or investment banking.
- Cybersecurity principles, global financial services business models, as well as regional compliance standards, relevant local regulations, and applicable laws.
- The concepts of risk and compliance and how to translate these into effective security solutions.
- Appreciation of automation and orchestration and will have experience of scripting against an API.
- Strong understanding of Layer 2, Layer 3 & Layer 4-7 network and security technologies.
- Familiar with a variety of testing tools, networking technologies and techniques to accurately troubleshoot and resolve complex technical problems associated with the service, application and network hardware and software.
Technical Skills & Experience:
You will have expert knowledge and experience in several of the following areas:
- NGFW platforms and management tools such as Tufin
- Network Access Control in enterprise environments
- Application Delivery & Load balancers
- Public and Private cloud security
- Workflow automation
- Routing and switching
- WAN Optimization
- DNS, IPAM and DHCP
It is desirable and advantageous to also have knowledge and experience of the following technology platforms:
- Check Point, Fortinet, Tufin
- Forescout, Cisco ISE
- F5, Netscaler
- Infoblox
- Microsoft Active Directory, CyberArk
- Azure log analytics
- Akamai CDN
- Illumio
- Zscaler
- Python
- Ansible, Terraform
- Azure and AWS native firewall and load balancing
Technical Certification:
It is desirable and advantageous to have the following certification or demonstrable working experience:
- Check Point CSSE
- CISSP
- ITILv3 foundation or higher
- Zscaler fundamentals certification, advanced preferred
- F5
Personal Attributes:
- Highly organized and have proven ability to operate well under pressure, working to tight deadlines.
- Have good problem management and customer service skills.
- A positive attitude and be capable of remaining positive even when under immense pressure.
- Able to work with global teams to deliver projects, often at pace and under challenging circumstances.
- High professional standards, who never accepts the status-quo; who challenges why things are done the way they are.
- Strong communicator, both written and verbal.
- Discourage hero culture and ensure the team always comes before the individual, although always ensuring for the welfare of staff at all times.
- Always act with integrity and embrace the philosophy of treating our customers fairly (compulsory).
- Work effectively as one IT community across the regions and the business.
- Embrace the philosophy and principles of group IT.
- Understand and apply Northern Trust’s working practices, policies and procedures.
Working with Us:
As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.
Reasonable accommodation:
Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at
We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people. Apply today and talk to us about your flexible working requirements and together we can achieve greater.
#J-18808-Ljbffr