Security - Networks Engineering Consultant

Task description

The scope of services includes the following tasks, which are performed independently:   

-   Analyze security concepts provided by the business project teams in order to identify outdated technology, gaps and insufficiencies. Present the results to Uniper accordingly including professional consulting about how to meet security standards along with corresponding measures; sign off by Uniper prior to requestor to be able to submit FCRs.

-   Uniper will hand out relevant documents beforehand. Check if all requirements are fulfilled and advise the requester to submit the FCRs.

-   Steer quality of security concepts acts in a third level. Once quality is meet the business shall submit the security approval for implementation to the security officers.

-   Review security concepts (Q-gate) and technically consult for release to technical workstream for implementation in accordance with defined FCR process (Firewall change request). Approve / reject the requests in a tool.

-   Provide guidance to teams on how to resolve potential security flaws / findings on the submitted concept before approval so the requesting party can submit the for final step approval.

-   Consult requesters on how to properly resolve issues identified on security concepts and how to get these successfully approved - the information is ingested via the application, if rejected by security officer it needs to be reviewed, in such case consultant will work with business directly to advise how to correct the issues. This can be done by email, in virtual meetings via MS teams, or phone. The progress will be visible on the amount of FRCs processed from the queue. The objective is to reduce the backlogs due to the overwhelming number of applications to minimum possible by helping the business to get their FRCs in good quality for approval.

-   Consult business requesters with regard to design, concept creation & implementation of network security aspects in the areas of

o   Architecture design

o   Architecture review

o   validate technical documentation according to best practices created by requesters

o   technically consult on finalizing design and architectural documents. (write, review, edit)

-   Manage escalation activities related to network security domain - related to the domain of network security. (Proxy, Network Segmentations Design and architecture questions, best practices principles according industry, testing, understanding of frameworks provided by NIST, ISO27001, ENISA. The escalations are handled fully by Uniper's security team. Technically consult the cyber defense team to adequately cope with security risks and issues and their mitigation.