Job Description

Assistant Manager – Network Security (SSE) with 5-7 years of relevant experience in cloud-delivered security solutions. The role requires strong hands-on expertise in Security Service Edge (SSE) platforms to ensure secure, reliable, and efficient web and SaaS access across the organization.

The ideal candidate will have proven experience in solution design, implementation, and operations of platforms such as Netskope and Zscaler, along with deep expertise in SWG, Web DLP, CASB, Cloud Firewall, and DNS Security

• Manage and administer SSE platforms (Netskope, Zscaler), including policy design, configuration, monitoring, and troubleshooting.
• Own end-to-end solution design and architecture for SSE deployments and enhancements.
• Manage and resolve escalation level issues related to Secure Web Gateway (SWG) services.
• Design, implement, and optimize Web DLP, CASB, Cloud Firewall, DNS security, and SaaS security policies aligned with business and compliance requirements.
• Manage data protection controls, including content inspection, data classification, and policy enforcement across web and cloud applications.
• Configure and manage cloud firewall rules, DNS filtering policies, URL filtering, SSL inspection, and access control mechanisms.
• Ensure proper functioning, deployment, and lifecycle management of endpoint agents and client steering mechanisms.
• Evaluate new SSE features and capabilities, conduct testing/POCs, and propose adoption strategies aligned with the organization’s security posture.
• Partner with business teams to securely onboard new internet-facing applications and tools, designing solutions that ensure minimal risk exposure.
• Collaborate with NITSO and security stakeholders to assess impact, validate architectures, and align solutions with enterprise security standards.
• Prepare and present quarterly SSE platform review reports (posture, incidents, adoption, optimization opportunities) in collaboration with NITSO.
• Maintain platform documentation, architecture diagrams, and operational runbooks.
• Collaborate with cross-functional teams for incident response, threat analysis, and change management.

• Strong hands-on expertise in Security Service Edge (SSE) architecture and components (SWG, CASB, DLP, ZTNA fundamentals).
• Experience with Netskope and/or Zscaler, including Cloud Firewall and DNS Security capabilities.
• Deep understanding of Web DLP, including data identifiers, exact data match, fingerprinting, and policy tuning.
• Strong knowledge of CASB capabilities, including SaaS visibility, access control, API-based protection, and shadow IT governance.
• Hands-on experience with Cloud Firewall policies (L3–L7 controls, application-based access, segmentation).
• Experience in DNS security, including DNS filtering, threat protection, and secure DNS enforcement.
• Understanding of identity integration (Azure AD/Okta or similar) and SSO concepts (SAML, OAuth).
• Hands-on experience with SSL/TLS inspection, certificate management, and encryption handling in SSE platforms.
• Familiarity with endpoint posture checks, device classification, and client-based enforcement.
• Experience in log analysis, incident investigation, and policy tuning using SSE dashboards and SIEM integrations.
• Working knowledge of proxy architecture, PAC files, and traffic forwarding mechanisms (agent, GRE/IPSec).
• Exposure to cloud environments (Microsoft 365, SaaS apps) from a security and access control perspective.
• Experience with ITSM tools like ServiceNow and understanding of change/problem management processes.
• Netskope Certified Professional (NCP) or equivalent SSE certification - strongly preferred.
• Experience in SSE solution design and large-scale enterprise deployments.
• Strong analytical, troubleshooting, and stakeholder communication skills.
• Ability to operate in a dynamic environment and support critical business functions.