Description
Assignment: IoT Security Engineer
Start Date: ASAP
Duration: 6 months initial contract
Location: Remote during COVID19 - Based in Budapest
Rate: Market Rates
*Must have experience with IoT protocols, eg MQTT, AMQP, CoAP, BACnet, Modbus, etc.*
Position Description:
This role requires a senior network security engineer with a strong, broad background in network security design and technologies with specific focus on IoT/OT networks. The position is in support of the Smart Building/Re|Imagine Project with a primary focus to evaluate, design, and deploy network security controls to meet the business requirements of a new IoT/OT solution.
The Smart Building/Re|Imagine Project includes delivery of robust, innovative, and effective security solutions and may include one or more of the following areas of technical coverage: evaluation, design, and deployment of IoT/OT-related security controls; testing and design of Network Access Control solution for IoT/OT devices; design and deployment of Firewall DMZ as part of transport network to enable IoT/OT communications to the Internet/cloud; and/or design and integration of IoT-related security solutions with MS Firm systems.
The role will require detailed and clear documentation and effective communication to enable close collaboration across multiple cross-functional teams at Morgan Stanley. The resource will need to meet a series of deliverables over the next ~18 months due to legal and regulatory requirements.
Required Skills:
- Experience with IoT protocols, eg MQTT, AMQP, CoAP, BACnet, Modbus, etc.
- Practical experience in designing and deploying security solutions associated with IoT devices, eg occupancy sensors, indoor air quality sensors, etc.
- Experience with Network Access Control (NAC) technologies, with particular focus on 802.1x and MAC Authentication Bypass (MAB), including Cisco ISE (or similar vendor solutions)
- Experience with IoT-related cloud concepts, eg Microsoft Azure IoT Hub and IoT Edge runtime (and/or AWS Greengrass)
- Experience with wired and wireless technologies, including WiFi, Bluetooth, /ZigBee
- Familiarity with Cisco SD Access and DNA Center
- Familiarity with agentless monitoring concepts, eg span ports, port mirroring, etc.
- Familiarity with agent-based deployment and monitoring
- Understanding of BMS-related concepts and east-west micro-segmentation best practices
- Familiarity with NGFW Firewall platforms (eg Cisco, Fortinet) running advanced features such as L7 inspection and Application Intelligence
- Experience with large-scale network security design and documentation
Responsibilities:
- Lead security design of IoT-related Network Access Control, including integration with other teams/components
- Evaluate IoT security platforms related to both IoT gateway and IoT inspection/profiling solutions (eg Armis, Ordr)
- Conduct proof-of-concept testing of new solutions, including integrations with other teams/products
- Lead IoT-related security platform certification and onboarding, potentially including IoT/OT Device Lifecycle Management -- onboarding, decommission, registration of IoT/OT devices
- Collaborate with cross-functional teams to discuss and design the integration
- Create network diagrams and related documentation to propose solutions
- Present designs/solutions to wide audience, including senior management
- Create new operational procedures/runbooks, as required
- Identify opportunities to develop tools and automation of managed products
- Diagnosis and troubleshooting of systems, networks, and applications as required
- Collaborating with project managers and members of the enterprise networking, enterprise computing, end-user computing, and/or tech risk organizations
Desired Skills:
- Experience with UNIX/Linux administration
- Experience working with automation and Scripting (eg Python, Ansible, third-party vendor APIs)
Required Soft Skills:
- Excellent written and spoken English communication skills: capable of writing documentation, performing presentations to an internal audience, and interacting with senior management, colleagues and customers
- Strong organizational skills and experience working on enterprise level projects
- Strong interpersonal skills - communication, flexibility, self-driven, team player
Experience Requirements:
A minimum of 5 years working in the IT sector with practical, hands-on experience with IoT/OT network security
Networking People (UK) is acting as an Employment Business in relation to this vacancy.