Networks Engineering Consultant

Task description

The scope of services includes the following tasks, which are performed independently:    

- Analyze security concepts provided by the business project teams in order to identify outdated technology, gaps and insufficiencies. Present the results to Uniper accordingly including professional consulting about how to meet security standards along with corresponding measures; sign off by Uniper prior to requester to be able to submit FCRs (Firewall change request). Uniper will hand out relevant documents beforehand. Check if all requirements are fulfilled and advise the requester to submit the FCRs.
- Review security concepts (Q-gate) and technically consult business for release to the technical workstream for the implementation in accordance with the defined FCR process (Firewall change request). Approve / reject the requests in a workflow tool where the security concepts are filled in (workflow process).
- Steer the quality of the previously analyzed security concepts acts on a third level by checking the quality, technical requirements and information of the security concepts and technical requirements. Once quality is met, the business submits the security approval for implementation to the security officers. The quality standards are defined by the industry standards - ENISA, NIST or ISO 27001.
- Provide guidance to teams on how to resolve potential security flaws / findings on the submitted concept before approval so the requesting party can submit for final step approval. The guidance is based on elaborate test cases and in the later hypercare phase (pre-implementation) the guidance is based on industry best practices (defined in international standards) and information about the purpose of the request.
- Consult requesters on how to properly resolve issues identified on security concepts and how to get these successfully approved - the information is ingested via the application. If rejected by a security officer, review the information. In such cases, advise the business on how to correct the issues. This can be done by email, in virtual meetings via MS teams or phone. The progress will be visible on the amount of FCRs processed from the queue. Reduce the backlogs due to the overwhelming number of applications to the minimum (as much as possible) and get the FCRs in good quality for approval.
- Consult business requesters with regard to design, concept creation & implementation of network security aspects in the areas of

• Architecture design
• Architecture review
• Validate technical documentation according to best practices created by requesters
• Technically consult on finalizing design and architectural documents (write, review, edit)

- Manage escalation activities related to network security domain-related to the domain of network security. (Proxy, Network Segmentations Design and architecture questions, best practices principles according to industry, testing, understanding of frameworks provided by NIST, ISO27001, ENISA.) Technically consult the cyber defense team to adequately cope with security risks and issues and their mitigation. The process of escalations are handled fully by Uniper's security team.

Uniper provides all necessary information, access to the systems and requirements in advance.