Cyber Resilience – ZTNA Traffic Analyst

Title: Cyber Resilience – ZTNA Traffic Analyst

Salary: Up to 30 lakhs per annum

Location: Bangalore (local candidates only)

Work type: Hybrid

About your role

Within this role, you’ll be at the forefront of leading an enterprise network segmentation program, delivering initial ZTNA access for developers and system administrators, utilizing Zscaler Private Access (ZPA), translating business intent and data flows into declarative policy, reducing network attack surface and increasing cyber resilience.

• You’ll be reviewing historic traffic flow logs, aligning to business intent and requirements, determining and rationalizing network flows, and translating this into scalable and maintainable ZPA access policy.
• You’ll be aligning historical traffic flow logs with enterprise CMDB data sources, to determine application components and composition, ensuring all application components, and only those necessary, are included within the recommended enforcement policies for developers and administrators.
• You’ll be engaging with internal business units, developers, architects and SMEs to validate and rationalize observed traffic flows and interactions, confirming policy prior to implementation.
• You’ll be engaging with internal security stakeholders to assess and determine approval or rejection of certain traffic flows, according to the security and safety of protocol usage, following risk acceptance processes where necessary.
• You’ll be engaging with external stakeholders, within third-parties such as Fidelity Investments as well as other B2B organisations which FIL interconnect with, both within the network and security function, as well as within the business development and application support functions, to identify the nature of resources being accessed by FIL resources and vice versa, confirming and validating the need for these assets to be accessed according to defined business intent.
• You’ll be documenting all segmentation instances / application runs, incorporating into application passports attestation, contributing towards cyber KPI’s relating to improvement in cyber posture and risk reduction for developer and engineer access to internal applications and resources.

About you

A suitable candidate for this role would have the following skillset:

Subject Matter Expert Skillset – As part of joining the Engineering function and working on this cyber resilience acceleration project, you’ll be expected to bring a Subject Matter Expert (SME) skillset, specifically for Zscaler

• Private Access (ZPA). ZPA is the strategic underpinning and enabling technology for FIL users to remotely connect to internal applications and resources, and as such, knowledge and experience with translating observed traffic flows and user interactions to deterministic network policy restrictions within ZPA is essential. Your role here as a ZTNA traffic analyst will concentrate more on analysing the raw data and making policy recommendations, however, an appreciation and understanding for the Zscaler Private Access policy mechanism is welcome to accelerate implementation.
• Data Analysis & Manipulation – As part of joining the Engineering function and leading the cyber resilience acceleration project, you will be expected to take a data driven and analytical approach to drive segmentation, to sufficiently de-risk the segmentation process, without breaking application services or business processes. To this end, experience of working with Microsoft Sentinel / Azure Log Analytics / KQL, or other applicable SIEM applications, to harvest and mine log data and drive outcomes is essential. Experience in taking application flow data sets, analysing, rationalising, manipulating data sets, and translated into recommended policy sets is necessary, to accelerate the process of translating observed flows into network policy and approved business intent. Your role here as a ZTNA traffic analyst will concentrate more on the analysis of raw data and making policy recommendations, and as such, it’s essential this is your leading skillset, to ensure the right data, drives the right outcomes, and minimises disruption and incorrect policy implementation or enforcement actions.
• Programming / Scripting / Network Automation – Further to an SME skillset, it’s beneficial that you will bring some level of programming, scripting or automation experience. Examples of toolset experience expected here includes Python, CI/CD Pipelines, Terraform, Ansible, PowerShell, etc – aiding within the data analysis and manipulation job parameters.
• Problem Solving – As part of this role, you’ll be engaging within highly complex technical requirements and problems, requiring application of innovative solutions, to work through challenges within the workplace. As a member of the Engineering function, you’ll be expected to use your problem-solving skills, to provide solutions articulated by the business.
• Analytical Skills – As a member of the Engineering function, you’ll be expected to be able to break down complex problems and define technical solutions, based upon your analysis and triage of the problem and expressed requirements. You’ll need to be able to understand the problem domain you’re assigned from a variety of technical implementations and make recommendations for these domains based on vendor and industry best practice.
• Creativity – Brainstorming and creative thinking for developing initatives, solving problems and recommending technical solutions is highly important for working effectively within this role. Being able to think outside the box, being able to drill down to the root core requirement, and being able to recommend solutions which meet the most complex of requirements across various stakeholders is essential, in order to deliver scalable and robust solutions.
• Stakeholder Management – Being able to engage with various stakeholders across the business, including but not limited to, Enterprise Network Services colleagues, infrastructure architects, enterprise architects, security engineers and architects, as well as represnatives from the various FIL business units is necessary, in order to capture strategy, requirements and general intent / outcome, and allow this to be embedded into Enterprise Network Services assured and engineered solutions. Being able to manage the requirements of stakeholders, the expectations of stakeholders, and the delivery of stakeholder expressed outcome is necessary to ensure stakeholders are continuously informed and kept up to date, as the Engineering function progresses the scheme of work, relating to the stakeholder’s original requirement.