Network Security Engineer

KLA

KLA is a leader in process control using advanced inspection tools, metrology systems, and computational analytics. Keep Looking Ahead.

Company Overview

The SPTS division of KLA designs, manufactures, and markets wafer processing solutions for the global semiconductor and related industries. SPTS provides industry-leading etch and deposition process technologies on a range of single wafer handling platforms. End-market applications include micro-electromechanical systems (MEMS), advanced packaging, LED, high-speed RF device IC’s and power semiconductors. SPTS is part of KLA Corporation which develops industry-leading equipment and services that enable innovation throughout the electronics industry. We provide advanced process control and process-enabling solutions for manufacturing wafers and reticles, integrated circuits, packaging, printed circuit boards, and flat panel displays. In close collaboration with leading customers across the globe, our expert teams of physicists, engineers, data scientists, and problem-solvers design solutions that move the world forward.

Job Description

About this Job:

You will be a part of the Network Security team responsible for Cyber Defense and Engineering. The Network Security team's primary focus is management of security and defense platforms, technologies, tools, and services supporting security controls across KLA environments. As a Network Security engineer, you will be responsible for deploying, tuning, and maintaining security policies and enhancements to protect company sensitive and confidential information to mitigate security threats to the corporate network, assets, data, and users. You will additionally support cross-functional teams such as cyber, IT, engineering divisions, architects, and analysts in deploying, integrating, and managing technologies to safeguard data in compliance with pertinent regional regulations, contractual obligations, and confidentiality standards.

This position is a hands-on role that requires knowledge of network security technology related to Palo Alto Firewalls, Network access control (NAC), Proxy solutions, Remote Access and Extranet Third-Party Access solutions, intrusion Detection/Prevention, Network Anomaly Detection/Response, DNS security, Cloud Security, and other network security technologies. The candidate must understand how the design of these security capabilities impacts management and administration, as well as business applications, network performance, and end user experience.

In order to enhance collaboration and cross-functional partnerships, our organization follows a hybrid work schedule that requires employees to work in the office 3 days a week, or as directed by their manager/department. We regularly review our hybrid work model, and the specific requirements may change at any time.

Responsibilities:

• Implement and support security solutions that meet corporate security requirements.
• Configure and troubleshoot network firewalls to ensure optimal network security.
• Work closely with Security team partners/Business Relationship Managers, Field IT leadership, and managed service suppliers to ensure successful identification and timely delivery of network security services to the business.
• Drive and develop automation opportunities for the management of security infrastructure.
• Manage and maintain our firewall systems to ensure optimal performance and security.
• Analyze and proactively come up with creative solutions for operational needs that present security challenges.
• Manage and maintain security systems by applying system patches and other periodic maintenance tasks.
• Create and maintain standard operating procedures and guides for new and/or existing security solution implementations.
• Regularly communicate progress to company leadership and program collaborators.
• Attend weekly teleconferences, meetings, and participate in working groups, as related to the constantly changing security environment.
• Zero Trust Network Policy (Micro Firewall & Network Security rule design and administration across multiple platforms).

Qualifications:

• Proven experience working in a security team.
• Extensive experience with network security design, firewall management, and intrusion detection.
• Deep experience in deploying application-based firewalls (Palo Alto, Fortinet, or similar) on-premise or in cloud-based services (Prisma, Zscaler, or similar), and SSL inspection techniques.
• Proficiency in multiple security technologies, including network security, NGFW, NAC, network segmentation, and network security architecture.
• Solid knowledge and working experience with Layer 2-7 protocols and technologies.
• Solid understanding and troubleshooting experience with routing, security protocols, ACLs, Firewalls, WAF, and Intrusion Prevention Systems.
• Experience with open-source network scanning tools.
• Excellent communication and interpersonal skills including the ability to build consensus and to present complex presentations.
• Basic knowledge with one or more scripting languages.
• Certifications – PCNSA or similar, CISSP or similar, SANS GCIH or similar.

What we will offer you?

SPTS’s benefits package includes: Annual leave starting at 25 days (plus bank holidays), contributory pension scheme, cash health plan, cycle to work scheme, global bonus plan, share scheme, rewards scheme, and life assurance.

KLA is proud to be an equal opportunity employer.