Please click here to apply:

Opportunity in Network Security

Job Details

About Clifford Chance

Clifford Chance is one of the world’s leading law firms, helping clients achieve their goals by combining the highest global standards with local expertise. The firm has unrivalled scale and depth of legal resources across the three key markets of the Americas, Asia and Europe and focuses on the core areas of commercial activity: capital markets; corporate and M&A; finance and banking; real estate; tax; pensions and employment; litigation and dispute resolution.

The Team

The Networks & Communications Team is an integral part of the Infrastructure Services (IS) function within Clifford Chances Global IT Operations organization.

Network & Communications design, build, deploy and manage all aspects of IT Networking, Network Security, Unified Communications and Collaboration technologies and services. We are a high performing global team, operating on a 24x7x365 basis to deliver a stable, secure and scalable service for Clifford Chance, in accordance with ITIL and Industry best practice.

Network Operations is made up of two sub teams, each with a dedicated Team Lead and subsequent pool of operations support engineers; Network Operations and Network Security Operations. Network Operations is made up of an offshore managed service of 4 resources, and Network Security Operations is made up of onshore team of 3 resources.

The Role

Reporting to the Network Operations Manager, the Network Security Team Lead has both Operational and Engineering responsibilities (approx. 70% Engineering and 30% Operational). While the Engineering effort outweighs direct operational involvement, the role is to provide technical and workload leadership to a small team of Network Security Analysts performing operational support. The role is a dotted line report into the Network Engineering Manager for Engineering related tasks.

This is a domain expert/SME role and must be hands on as well as design focussed. You will have expert technical and practical knowledge of all core network security technologies and components.

Key Responsibilities

The Network Security Team Lead’s key responsibility is to ensure there are defined standards in place across Network Security, lead all technical design and implementation and ensure the smooth operation and security of the network infrastructure throughout its lifecycle. Additionally providing day to day workload management and technical leadership for all Network Security Operations Analysts.

Services within your remit include, but are not limited to: Branch office and Data Centre security, Firewall, IDS/IPS, Internet, Web Proxy/URL Filtering, IPAM and External DNS.

Operations & Team Leadership

• You will provide technical leadership and direction to the Network Security team, mentor and provide day to day task management, setting clear expectations, goals and identifying areas for improvement.
• Support the Network Operations Manager with maintaining a skills matrix for all Network Security team members; including self, removing key man risk.
• Support the Network Operations Manager with ensuring the Network Security team is correctly positioned, organised, resourced and structured.
• Deputising for the Network Operations Manager in their absence as and when required.
• Incident Management – technical escalation for all P1 incidents and oversee troubleshooting of complex outages, including recommend corrective actions.
• Problem Management – technical oversight of Problem management activities ensuring that all open problem records with Network Security are completed and closed out swiftly.
• Change Management – act as technical approver for all Network Security related changes.
• Ensure that the network security infrastructure is fully documented and performing as required for internal and customer SLA guarantees and expectations by means of specific metrics and measurements.
• Provide the Network Operations Manager with relevant reporting covering availability, performance and capacity across all Network Security services.
• Manage and maintain security operations in line with the organisations security policy and industry best practice.
• Identify, document and flag any operational risks up to the Network Operations Manager.

Design & Engineering

• Define and enforce standards for Network Security, ensuring these are implemented and adhered to at all times within the global infrastructure.
• Define and create system installation and configuration documents for reference.
• Ensure relevant Knowledge Base (KB) articles exist and are maintained to support the swift resolution of future/repeat issues.
• Identify and correct network non-compliance issues.
• Work closely with Network Engineering Manager and Enterprise Architecture to influence and shape the strategic direction for Network Security services and platforms.
• Support the Network Engineering Manager with maintaining a delivery roadmap for all Network Security products and services, with at least a rolling 2 year outlook.
• Support Network Engineering Manager with managing the Technology Lifecycle Management for all Network Security products, reviewing on a bi-annual basis to ensure it remains up to date.
• Support the Network Operations Manager and Network Engineering Manager with investment planning; including business case, budget preparation and timeline determination.
• Recommend new networking technologies to improve performance, reliability and scalability.
• Work closely with other Network Engineers to plan and complete assigned tasks within deadlines.
• Produce accurate bills of materials to support the technical designs including hardware, software and licensing.
• Produce and create all Network Security related HLD and LLD’s inputs.

Skills and Qualifications

• You must be able to demonstrate extensive experience of network security and internet working within a global enterprise scale organisation (5000-50,000 users), with some experience of working as a team lead or manager in a similar role.
• You will be a recognised expert in your field with previous experience in roles such as Network Security Architecture, Principle Security Engineer or Lead Security Engineer.
• You will have considerable first-hand experience of defining standards and creating designs, as well as implementing technical solutions to meet the business requirements.
• You will be used to providing technical support in a pressurised environment, ideally within legal or investment banking.
• You will be an excellent communicator with effective influencing skills essential in order to function effectively in a matrix-managed environment and liaise effectively with global colleagues and team members at all levels.
• Acted as Team Lead or Manager for a technical team with a global remit.

You will have Expert knowledge and experience of the following areas:

• CheckPoint Firewalls (NGFW, NGTP, Appliance, Virtual Clustering, Acceleration, FW Monitor)
• Security management platform
• Web Proxy / URL filtering (Websense/Forcepoint)
• Packet Capture and Netflow
• L7 functions / Application Control and User Identity
• Cisco Identity Services Engine (ISE)
• Network Address Translation (NAT)
• BGP and OSPF routing
• MPLS, DMVPN, IPSec VPN, TACACS authentication
• VLAN, Spanning Tree, L3 interfaces, HSRP, EIGRP, TCP/IP
• Network Security products (including IDS, IPS, DLP)
• DDOS mitigation techniques and technologies

You would ideally have a solid understanding or experience with the following areas:

• Cisco Routing & Switching (IOS, ASR, ISR and Nexus)
• Cisco Wireless LAN Contorller & Access Points
• WAN Optimisation (Riverbed)
• F5 GTM and LTM load balancers (BIG-IP/Viprion)
• Policy maps for routing
• QoS (Quality of Service), ACL (Access Control Lists)
• Network Monitoring & Alerting (SolarWinds/Eye of the Storm)
• Various testing tools to troubleshoot and resolve complex technical issues

You will have the following certification or demonstrable working experience:

• Degree level qualification in a relevant field
• Check Point CCSE certified
• Cisco CCNA certified, CCNP strongly preferred
• ITILv3 foundation or higher

It would be advantageous and desirable to have the following:

• CCIE Security certification
• Certification as an Information Security professional (e.g. IISP/CISA/CISM/CISSP/ ISA)
• Systems management knowledge of Windows OS, Linux/Unix would be an advantage. scripting knowledge

Key Personal Attributes

• You will be able to identify tasks and manage them effectively to completion autonomously without supervision.
• You will be highly organised and have proven ability to operate well under pressure, working to tight deadlines; leading complex investigations to root cause analysis.
• You will have excellent problem management and customer service skills.
• You will have a positive attitude and be capable of remaining positive even when under immense pressure.
• You will be able to provide technical leadership and mentoring and take the teams on a journey of automation and improvement.
• You are someone who never accepts the status-quo; who challenges why things are done the way they are.
• You work well with others, in a collaborative environment.
• You discourage hero culture and ensure the team always comes before the individual.
• You will have an attention to detail in everything you do along with a natural willingness to help your customers and colleagues.
• You know what and when to escalate matters before they generate unwanted noise or attention.

In addition the Network Security Team Lead should possess the following key attributes:
Analytical Thought and Problem Solving

The ability to gather and analyse information and to use the results of that analysis to make effective decisions and find innovative solutions to problems.

Communicating and Influencing

The ability to communicate clearly, persuasively and with sensitivity, both orally and in writing.

Commitment and Self-motivation

Commitment to both Clifford Chance and its clients*, demonstrated in the drive to improve both quality of delivery and personal performance.

Leading and Developing Others
The ability to lead and manage others, both by contributing to the vision of the organisation and by enabling others to develop themselves.

Organising and Managing Resources

The ability to plan and organise yourself and others effectively in order to meet business priorities.

Working Relationships

The ability to form working relationships with others, both inside and outside of Clifford Chance, and to use those relationships to benefit both individuals and the organisation.

Organisational/Strategic Thinking

The ability to see the role in the broader context of the organisation as a whole and its clients, and to use that knowledge to drive action.

Equal Opportunities

It is the Firm’s policy to treat all employees and job applicants fairly and equally regardless of their gender, marital or civil partnership status, race, colour, national or ethnic origin, social or economic background, disability, religious belief, sexual orientation, or age. Furthermore, the Firm will ensure that no requirement or condition will be imposed without justification which could disadvantage individuals purely on any of the above grounds.

The policy applies to recruitment and selection, terms and conditions of employment including pay, promotion, training, transfer and every other aspect of employment.

The Firm will regularly review its procedures and selection criteria to ensure that individuals are selected, promoted and otherwise treated according to their relevant individual abilities and merits.

The Firm is committed to the implementation of this policy and to a programme of action to ensure that the policy is, and continues to be, fully effective. All staff are required to comply with the policy and to act in accordance with its objectives so as to remove any barriers to equal opportunity. Any act of discrimination by employees or any failure to comply with the terms of the policy will result in disciplinary action.

Please click here to apply: