Network Security Reliability Engineer (NRE)-8+ years- Mumbai

Network Security Reliability Engineer – ( NRE ) - Level 3

Who we are

Crédit Agricole Corporate and Investment Bank (Crédit Agricole CIB) is the corporate and investment banking arm of Crédit Agricole Group, world’s 10th largest bank by total assets. We work daily with international branches located in 30 markets by:

• Envisioning and preparing the Bank’s futures information systems
• Partnering and supporting core banking flagships and transverse areas in their large scale development projects.
• Providing premium In-house Banking applications.

This unique positioning empowers us to bring our core banking business a sustainable competitive advantage on the market.

We seek innovative and agile people sharing our mindset to support ambitious and forthcoming technological challenges.

Department

The Information Technology Services (ITS) department is responsible for ensuring the availability, stability, security, and performance of our bank's IT infrastructure, applications, and enduser systems. Operating 24/7, we are dedicated to guaranteeing worldwide production stability and availability.

We play a leading role in shaping the IT strategy for the APAC and Middle East regions, while also providing expert technical support to other regions. Our services extend to international sites, where we offer Level 4 support, including support to the Americas.ss

Role Overview

We are seeking an experienced Network Security Reliability Engineer – Level 3 to join our infrastructure Network and security Operations team. The ideal candidate will have 8–12 years of hands-on experience in installing, configuring, optimizing, and troubleshooting enterprise-grade network and security solutions. The position requires strong technical proficiency across multiple vendor platforms, including Cisco, Arista, Fortinet, F5, Infoblox, Skyhigh, Ivanti, Check Point, and Trend Micro.

The candidate will be responsible for ensuring the reliability, integrity, and security of network and security infrastructure across large enterprise environments, while also supporting incident response, performance tuning, and ongoing service improvements.

Key Responsibilities

Network & Security Infrastructure Management

• Install, configure, and maintain multi-vendor network and security devices across data centers, cloud environments, and remote sites.
• Perform advanced troubleshooting and root-cause analysis for complex network and security issues.
• Implement secure network architecture, segmentation, and access control best practices.
• Conduct regular security posture assessments and recommend improvements.
• Maintain high availability, redundancy, and resilience across all network and security platforms.

Vendor-Specific Responsibilities

Cisco

• Configure and manage Cisco routers, switches, WLC, ISE, ACI solutions.
• Troubleshoot routing protocols (BGP, OSPF, EIGRP) and Layer 2 technologies.
• Security Haredning and vulnerability assessment remediations.
• Manage Cisco ISE policies and NAC enforcement.
• Vendor technical support escalations as needed.
• ACI infrastructure Management
• ISE NAC , profiling and posture management.

Arista

• Deploy and manage Arista switches in data center.
• Configure EOS, VXLAN/EVPN fabrics, and advanced automation features.
• Security Haredning and vulnerability assessment remediations.
• Diagnose connectivity, performance, and fabric-related issues.
• Vendor technical support escalations as needed.

Fortinet

• Install and configure FortiGate firewalls, VPNs, IPS and security profiles.
• Manage FortiAnalyzer/FortiManager for centralized policy and log management.
• Troubleshoot Firewall, IPS, and application control issues.
• Vendor technical support escalations as needed.
• Security Haredning and vulnerability assessment remediations.
• SDWAN management

F5

• Configure and manage F5 BIG-IP LTM, ASM, APM modules.
• Develop and troubleshoot iRules/iApps.
• Security Haredning and vulnerability assessment remediations.
• Perform load balancing, traffic management, and WAF policy tuning.
• Vendor technical support escalations as needed.

Infoblox

• Administer Infoblox DDI (DNS, DHCP, IPAM).
• Ensure high availability, DNS security (DNSSEC), and IP address management accuracy.
• Troubleshoot DNS/DHCP issues and integrate with other security platforms.
• Security Haredning and vulnerability assessment remediations.
• Vendor technical support escalations as needed.

Skyhigh (McAfee/Skyhigh Security)

• Manage security gateways.
• Proxy traffic monitoring/study/optimization.
• Monitor and optimize proxy security posture.
• Troubleshoot secure web gateway issues.
• Vendor technical support escalations as needed.

Ivanti

• Deploy and maintain Ivanti Secure connect solutions.
• Configure security policies, and compliance reporting.
• Troubleshoot endpoint security, patch failures, and agent-related problems.
• Vendor technical support escalations as needed.

Check Point

• Install and configure Check Point firewalls, SmartConsole, and security blades.
• Maintain VPNs, IPS, threat prevention, and rule optimization.
• Perform advanced troubleshooting using logs, packet captures, and fw monitor tools.
• Vendor technical support escalations as needed.

Trend Micro

• Configure and maintain Trend Micro endpoint and server security solutions.
• Manage malware protection, behavioral analysis, and threat detection platforms.
• Troubleshoot agent connectivity, updates, and threat events.
• Vendor technical support escalations as needed.

Additional Responsibilities

• Participate in on-call rotation, incident response, and escalations.
• Document configurations, change requests, runbooks, and network diagrams.
• Work closely with Security Operations, CSIRT and Infrastructure teams.
• Support audits, compliance activities, and security governance initiatives.
• Participate in new technology evaluations and contribute to architectural designs.
• Vulnerability assessment , CVE validation, scope review, prepare remediation plans.
• Patch validation and Firmware baseline review.
• Permanent control review/validation/submission.
• Firewall rule review/valiation/and optimization.
• Performance analysis and recommendation.
• Network Traffic optimization ( QoS/SDWAN )
• Cacpity planning / recommendation.

Required Skills & Qualifications

• 8–12 years of professional experience in network and security engineering roles.
• Strong understanding of TCP/IP, routing/switching, VPNs, and network security concepts.
• Proven experience with at least 4–6 of the listed vendor technologies, with working knowledge of the others.
• Hands-on expertise with Routing, switching, SDN, firewalls, load balancers, IDS/IPS, proxy, NAC, WLC systems.
• Experience with automation tools (Ansible, Python, REST APIs) is a plus.
• Strong analytical, troubleshooting, and incident-management abilities.
• Excellent communication, documentation, and stakeholder-management skills.

Preferred Certifications (Any of the following):

• Cisco CCIE
• Arista ACE
• Fortinet NSE 7
• F5 Certified Administrator/Engineer
• Check Point CCSA/CCSE
• Infoblox Core DDI
• Trend Micro Certified Professional
• Security certifications: CISSP, CISM, CEH (preferred)

Education

• Bachelor’s degree in Computer Science, Information Technology, Engineering, or related field (or equivalent experience).