Connecting...

CTO - Network Security Architect (Automation)

  • location

    New York City

  • sector:

    Technology, Cyber Security

  • job type:

    Permanent

  • Contact:

    Bradley Boughton

  • Email:

    bradley.boughton@orbisconsultants.com

  • job ref:

    CTO-NetSec

  • published:

    6 months ago

  • expiry date:

    2021-05-14

The CTO is the future-looking technical arm . We envision, design and prototype the next generation infrastructure, hardware and applications that interface in all aspects of the company including financial products, broadcast and media, data centers, internal IT and our global network. We are passionate about what we do. 

Networks are becoming more and more complex, and our network footprint is growing to meet increasing client demand. As infrastructure has evolved, so too has the sophistication of attackers, searching for policy gaps to exploit. Being so deeply connected to every aspect of the financial industry, we value complete coverage.

As a member of the Security Analytics and Identity Architecture team, you will help us design, secure, and monitor our network infrastructure. You’ll have influence over our overall security policy, and will guide engineering partners to build security tools and work with operational security groups to define our policy. From research to production, you’ll be prototyping, working with stakeholders across the firm, interfacing with vendors, and working with SRE teams to bring your ideas live.

What's in it for you: 

Our team focuses on the critical aspects of securely bringing services to hundreds of thousands of customers every day. We have a holistic view of how infrastructure, from the fiber transiting bits of data, through to the high-level application services that run on top of that, impact our security posture. You’ll define roadmaps, support building tools to define policy intent, execute policy deployment, and introduce technologies and methodologies to support our policy goals. 

We’ll trust you to:

  • Take a technical leadership role in defining strategies for delivering services securely and with proper controls
  • Foster developing technology to make engineer-friendly, service-aware policy definition tools
  • Design tools and strategies to manage proxy-based controls, firewalling and host-based ACLs
  • Collaborate with partners in our CISO’s office and Engineering.
  • Guiding engineers as we identify security vulnerabilities across our systems, and remediate.
  • Provide requirements to internal development teams and external vendors, and foster a culture of security consciousness across Engineering and Product.
You'll need to have:
  • 5+ years of experience automating network infrastructure, including at least one of the areas of policy, inventory management and visibility.
  • 3+ years of experience developing automation technology with Python, Ruby, Go or other languages used in infrastructure automation.
  • An understanding of modern and legacy data center networks, as well as WAN architecture.
  • Expertise in Ansible, Chef, Salt, Nornir, and other infrastructure automation technologies.
  • A hands-on, teamwork-oriented approach, focused on building consensus and managing through influence.
We’d love to see:
  • Understanding of the challenges operating trusted infrastructure in public cloud environments, as well as on-premises.
  • Practical concerns about offerings at infrastructure edge (i.e. load balancers, reverse proxies, etc.).
  • Experience with managing service edge security, especially around.
  • Exposure to infrastructure security controls for Kubernetes, OpenStack.
  • A UNIX systems background