Senior Security Systems Engineer

We are seeking a highly skilled Senior Security Systems Engineer with deep expertise in Network Security technologies.

This is a technical, hands-on role within the Network Security Engineering & Deployment team. The ideal candidate will possess Level 3/Subject Matter Expert (SME)-level knowledge and practical experience in managing, designing and troubleshooting Network Security products such as Firewalls, Intrusion Detection & Prevention Systems (IDPS), Web Application Firewalls (WAF), Micro-segmentation, Web Proxies and DNS.

Responsibilities

• Architect, engineer, and implement next-generation network transformation solutions
• Collaborate with cloud, security, and application teams to align network infrastructure with business objectives
• Provide technical leadership in building resilient, scalable and secure hybrid and multicloud network environments
• Architect and deploy advanced network security across data centers, integrating with Cisco ACI for optimal performance
• Serve as the Level 3 escalation point for network security issues, providing SME-level support
• Develop and enforce policy-driven network security architectures, leveraging automation tools (Ansible, Python, XSOR)
• Maintain accurate network security documentation and ensure compliance with industry standards and governance policies
• Mentor peers and stakeholders, leading knowledge transfer on network security technologies and best practices

Requirements

• Bachelor's or Master's degree in Computer Science, Information Technology, or a related field
• 10+ years of experience in network security technologies, including firewalls, IDPS, WAF, micro-segmentation, web proxies and DNS
• Deep understanding of NGFW features (Application Awareness, IPS, DPI), Checkpoint (Threat Prevention, VPNs, HA) and Palo Alto Networks (App-ID, WildFire, User-ID). Proven ability in firewall rule optimization and DNS security implementation
• Expertise in configuring and managing signature-based and anomaly-based IDPS, with experience integrating with SIEM for centralized threat management
• Proficiency in configuring and managing WAFs (e.g., F5 ASM) and implementing bot protection and DDoS mitigation strategies
• Experience with tools like Illumio or Guardicore for workload isolation and a strong understanding of Zero Trust Architecture principles and implementation
• Expertise in configuring role-based access control using Aruba ClearPass and/or Cisco ISE (802.1X, MAB, Guest Access)
• Hands-on experience with Infoblox DDI configuration and management, including advanced DNS security measures (DNSSEC, DNS filtering, DoH)
• Proficiency in using tools like Wireshark, Riverbed App Response, Cisco ThousandEyes, NetFlow and sFlow for traffic analysis and anomaly detection
• Expertise in integrating network devices with SIEM platforms (Splunk, Elastic, or equivalent) for threat visibility and incident response
• In-depth understanding of BGP routing policies and OSPF configuration (including multi-area and IPv6). Knowledge of configuring site-to-site and remote access VPNs (IPSec and SSL)

Nice to have

• Certifications: CISSP, CCSA, CCSE, PCNS, ICE, BIG-IP ASM Specialist or equivalent

We offer

• By choosing EPAM, you're getting a job at one of the most loved workplaces according to Newsweek 2021 & 2022&2023.
• Employee ideas are the main driver of our business. We have a very supportive environment where your voice matters
• You will be challenged while working side-by-side with the best talent globally. We work with top-notch technologies, constantly seeking new industry trends and best practices
• We offer a transparent career path and an individual roadmap to engineer your future & accelerate your journey
• At EPAM, you can find vast opportunities for self-development: online courses and libraries, mentoring programs, partial grants of certification, and experience exchange with colleagues around the world. You will learn, contribute, and grow with us

Life at EPAM

• EPAM is a leading global provider of digital platform engineering and development services. EPAM has been expanding in Singapore since 2013 and delivering the best solutions to our customers. As a recognized leader, EPAM Singapore achieved Great Place to Work Certification in 2023 and is committed to providing our team with inspiring careers.
• You will have the opportunity to work with fellow talented technologists and accelerate your career by participating in our numerous upskilling, training, and certification programs. That is why EPAM Singapore was awarded Gold for Best In-House Certification Programmes in the Employee Experience Awards 2023 and Silver in the SkillsFuture Employers Awards 2022 for our efforts in championing employees' skills development and building a lifelong learning culture at the workplace. You can also look forward to developing holistically with the multiracial festivals and various wellness and cultural activities organized by our passionate colleagues here.