Location : Belapur
The role is responsible for implementing and managing a Hybrid Security Service Edge (H-SSE) framework with Zero Trust Network Architecture (ZTNA) for bank. The candidate will ensure the solution is secure, scalable, resilient, highly available, and compliant with RBI, CERT-In, Indian IT laws, foreign regulatory mandates (where applicable), and bank Information Security Policy Framework.
Key Responsibilities
1. H-SSE & Zero Trust Architecture
Implement Hybrid SSE architecture combining cloud-based SSE and on-prem security controls.
Implement Zero Trust Network Architecture (ZTNA) with identity-based, role-based, and context-aware access.
Define architecture for local internet breakout across bank branches and offices.
Ensure high availability, redundancy, disaster recovery, and scalability.
2. Cloud-Based Security Service Edge
Deploy and manage Cloud-based SSE to secure user access to:
Internet websites
Cloud applications
SaaS platforms
Implement advanced security controls including:
Secure Web Gateway (SWG)
CASB
Firewall-as-a-Service (FWaaS)
Advanced Threat Protection
URL filtering and malware protection
3. On-Premises Secure Web Gateway
Design and operate On-Prem Secure Web Gateway (SWG) for:
Critical servers
Internet-facing systems
Integrate on-prem SWG with cloud SSE for unified policy enforcement.
4. Cloud-Based VPN / Private Application Access
Implement Cloud-based VPN / Private Application Access for secure access to bank s internal systems.
Enable role-based and least-privileged access to applications.
Ensure seamless integration with IAM, MFA, and device posture checks.
5. Data Loss Prevention (DLP)
Implement DLP controls for internet and private application access.
Prevent leakage of Bank s sensitive data and PII in compliance with:
RBI guidelines
CERT-In directives
Data privacy and localization mandates
Define and enforce data classification and protection policies.
6. Local Internet Breakout & Global Offices
Enable local internet breakout from branches/offices routed via H-SSE.
Plan and execute migration of Internet Proxies at 10 foreign offices to H-SSE.
Ensure compliance with country-specific regulatory requirements for foreign locations.
7. Compliance & Governance
Ensure compliance with:
RBI, CERT-In, and Indian IT Act
Applicable foreign regulatory and statutory mandates
Bank Information Security Policy Framework
Support audits, VA/PT, regulatory inspections, and compliance reporting.
8. Managed Services & Operations
Provide 9×5 managed security services including:
Monitoring
Incident response
Policy management
Change management
Define SLAs, KPIs, SOPs, and escalation matrices.
Coordinate with bank stakeholders, OEMs, and internal teams.
Technical Skills Required
SSE / SASE platforms (Zscaler, Palo Alto Prisma, Netskope, Forcepoint, etc.)
Zero Trust / ZTNA architecture
Secure Web Gateway (Cloud & On-Prem)
VPN, Private Access, Remote Access Security
DLP (Endpoint, Network, Cloud)
IAM, MFA, SSO integration
Network Security (Firewalls, Proxies, Routing)
High Availability & DR design
Compliance & Audit support
Educational Qualification:-
1. BE / ME (Computer / IT & Allied Branches / ECE)
2. B. Tech / M. Tech (Computer / IT / ECE)
3. MCA
4. MSc (Computer / IT & Allied Branches
OEM / Professional Certification for Cloud Solution
CCSP / AZ-305 (Azure Solutions Architect Expert) / AWS Certified Solutions Architect / GCP Professional / OEM Certificates expert level Including Architectural level design and knowledge / OEM relevant Certification on SSE.
Industry Experience for Cloud / SSE Solution
10+ years of total experience out which 7+ years of relevant experience in implementing and managing the SSE solution.
…