Responsible Domains as below: Firewall Management: 1.Design, implement, and maintain firewall policies to protect the organization's network from unauthorized access and cyber threats. 2.Monitor firewall logs and alerts to identify and respond to security incidents. 3.Conduct regular firewall rule reviews and updates to ensure compliance with security policies and best practices. Proxy Management: 1.Manage and configure proxy servers to control and monitor internet access and ensure secure web browsing. 2.Implement and maintain web filtering policies to block malicious websites and content. 3.Monitor proxy server performance and troubleshoot issues to ensure optimal functionality. VPN Management: 1.Configure and manage VPN solutions to provide secure remote access for employees and partners. 2.Monitor VPN connections and logs to detect and respond to unauthorized access attempts. 3.Ensure VPN infrastructure is up-to-date with the latest security patches and updates. Anti-DDoS Management: 1.Implement and manage Anti-DDoS solutions to protect the network from distributed denial-of-service attacks. 2.Monitor network traffic for signs of DDoS attacks and respond promptly to mitigate impact. 3.Conduct regular assessments to ensure the effectiveness of Anti-DDoS measures. Router, Switches, and Load Balancer Management: 1.Configure and manage routers, switches, and load balancers to ensure efficient network traffic flow and high availability. 2.Provide technical advice and expertise in design and support of large-scale corporate network infrastructure, including enterprise grade switches, routers, load balancers and monitoring tools. 3.Monitor and supervise day-to-day support and troubleshooting and operations activities in network infrastructure. 4.Monitor the performance of network devices and troubleshoot issues to maintain optimal network functionality. 5.Implement security measures to protect network devices from unauthorized access and cyber threats. Monitoring Tools Management: 1.Deploy and manage network monitoring tools such as SolarWinds, Darktrace, Crowdstrike, SIEM to track network performance and security. 2.Analyze monitoring data to identify potential security threats and performance bottlenecks. 3.Generate reports on network performance and security incidents for management review. Privileged Access Management (PAM): 1.Implement and manage PAM solutions such as CyberArk to control and monitor privileged access to critical systems. 2.Ensure secure storage and management of privileged credentials. 3.Conduct regular audits of privileged access and usage. Vulnerability Scanning: 1.Perform regular vulnerability scanning using tools such as Tenable and Qualys to identify and remediate security weaknesses. 2.Analyze scan results and prioritize remediation efforts based on risk. 3.Maintain up-to-date vulnerability management documentation. Endpoint Data Loss Protection: 1.Implement and manage endpoint data loss protection solutions to prevent unauthorized data exfiltration. 2.Monitor endpoint activity for signs of data loss and respond to incidents. 3.Ensure compliance with data protection policies and regulations. DNS and Certification Management: 4.Manage DNS infrastructure to ensure secure and reliable domain name resolution. 5.Implement and manage certification management processes to ensure the integrity and validity of digital certificates. 6.Monitor and renew certificates to prevent expiration and security risks. Security Operations: 1.Collaborate with the Security Operations Center (SOC) to monitor network traffic and respond to security incidents. 2.Conduct regular vulnerability assessments and penetration testing to identify and mitigate security risks. 3.Develop and implement network-specific detection rules and correlation searches. Compliance and Documentation: 1.Ensure compliance with network-specific security frameworks and industry standards. 2.Maintain detailed network security documentation including topology diagrams and data flow maps. 3.Conduct regular network security audits and prepare reports for management. Team Collaboration and Training: 1.Provide guidance and training to team members on network security best practices. 2.Collaborate with other departments to ensure a unified security posture across the organization. Preferred Qualifications: 1.Bachelor's degree in Computer Science, Information Technology, or a related field. 2.Proven experience in network security operations, with a minimum of 5 years in a similar role. 3.In-depth knowledge of firewall, proxy, VPN, Anti-DDoS, router, switch, load balancer, monitoring tool, PAM, vulnerability scanning, endpoint data loss protection, DNS, and certification management technologies. 4.Relevant certifications such as CISSP, CCNP/CCIE, Security, PCNSE, CyberArk, Tenable, Qualys, or equivalent. 5.Good knowledge in large scale network infrastructure / technology including TCP/ IP, TACACS / Radius, OSPF and BGP. 6.Strong problem-solving and troubleshooting skills. 7.Excellent interpersonal and communication skills. 8.Candidates are expected to have experience in some of the areas mentioned above, but not necessarily all. We value a diverse skill set and are looking for individuals who can bring their unique expertise to our team. 工作地点：佛山IFC国际金融中心 工作时间：做五休二，周末双休