Network Security Engineer

Company Overview The SPTS division of KLA designs, manufactures and markets wafer processing solutions for the global semiconductor and related industries. SPTS provides industry leading etch and deposition process technologies on a range of single wafer handling platforms. End-market applications include MEMS, advanced packaging, LED, high speed RF device ICs and power semiconductors. SPTS is part of KLA Corporation which develops industry-leading equipment and services that enable innovation throughout the electronics industry. We provide advanced process control and process-enabling solutions for manufacturing wafers and reticles, integrated circuits, packaging, printed circuit boards and flat panel displays. In close collaboration with leading customers across the globe, our expert teams of physicists, engineers, data scientists and problem-solvers design solutions that move the world forward.

About this Job: This role will be based at our new 237,000-square-foot Newport facility which provides additional production and customer collaboration spaces, including 25,000 square feet of R&D clean rooms, 35,000 square feet of state-of-the-art manufacturing space and tool demo areas, all designed to support development of semiconductor process technologies across advanced packaging, power devices, MEMS, RF and photonics sector technology. You will be a part of the Network Security team responsible for Cyber Defense and Engineering. The Network Security team’s primary focus is management of security and defense platforms, technologies, tools, and services supporting security controls across KLA environments. As a Network Security engineer, you will be responsible for deploying, tuning and maintaining security policies and enhancements to protect company sensitive and confidential information to mitigate security threats to the corporate network, assets, data, and users. You will additionally support cross-functional teams such as cyber, IT, engineering divisions, architects, and analysts in deploying, integrating, and managing technologies to safeguard data in compliance with pertinent regional regulations, contractual obligations, and confidentiality standards. This position is a hands-on role that requires knowledge of network security technology related to Palo Alto Firewalls, Network access control (NAC), Proxy solutions, Remote Access and Extranet Third-Party Access solutions, intrusion Detection/Prevention, Network Anomaly Detection/Response, DNS security, Cloud Security and other network security technologies. The candidate must understand how the design of these security capabilities impacts management and administration, as well as business applications, network performance, and end user experience. In order to enhance collaboration and cross-functional partnerships, among other things, at this time, our organization follows a hybrid work schedule that requires employees to work in the office 3 days a week, or as directed by their manager/department. We regularly review our hybrid work model, and the specific requirements may change at any time.

• Implement and support security solutions that meet corporate security requirements.
• Configure and troubleshoot network firewalls to ensure optimal network security.
• Work closely with Security team partners/Business Relationship Managers, Field IT leadership and managed service suppliers to ensure successful identification and timely delivery of network security services to the business.
• Drive and develop automation opportunities for the management of security infrastructure
• Manage and maintain our firewall systems to ensure optimal performance and security.
• Analyze and proactively come up with creative solutions for operational needs that present security challenges.
• Manage and maintain security systems by applying system patches and other periodic maintenance tasks.
• Create and maintain standard operating procedures and guides for new and/or existing security solution implementations.
• Regularly communicate progress to company leadership and program collaborators
• Attend weekly teleconferences, meetings, and participates in working groups, as related to constant changing security environment.
• Zero Trust Network Policy (Micro Firewall & Network Security rule design and administration across multiple platforms

• Proven experience working in a security team.
• Extensive experience with network security design, firewall management, and intrusion detection.
• Deep experience in deploying application-based firewalls (Palo Alto, Fortinet or similar) on premise or in cloud base services (Prisma, Zscaler or similar), and SSL inspection techniques.
• Proficiency in multiple security technologies, including network security, NGFW, NAC, network segmentation, network security architecture.
• Solid knowledge and working experience with Layer 2-7 protocols and technologies
• Solid understanding and troubleshooting experience with routing, security protocols, ACLs, Firewalls, WAF, and Intrusion Prevention Systems
• Experience with open-source network scanning tools
• Excellent communication and interpersonal skills including the ability to build consensus and to present complex presentations
• Basic knowledge with one or more scripting languages
• Certifications – PCNSA or similar, CISSP or similar, SANS GCIH or similar

KLA’s benefits package includes: Annual leave starting at 25 days (plus bank holidays), contributory pension scheme, cash health plan, cycle to work scheme, global bonus plan, share scheme, rewards scheme, and life assurance.

Minimum Qualifications: We offer a competitive, family friendly total rewards package. We design our programs to reflect our commitment to an inclusive environment, while ensuring we provide benefits that meet the diverse needs of our employees. KLA is proud to be an equal opportunity employer. Be aware of potentially fraudulent job postings or suspicious recruiting activity by persons that are currently posing as KLA employees. KLA never asks for any financial compensation to be considered for an interview, to become an employee, or for equipment. Further, KLA does not work with any recruiters or third parties who charge such fees either directly or on behalf of KLA. Please ensure that you have searched for legitimate job postings. KLA follows a recruiting process that involves multiple interviews in person or on video conferencing with our hiring managers. If you are concerned that a communication, an interview, an offer of employment, or that an employee is not legitimate, please send an email to verify the person you are communicating with is an employee. We take your privacy very seriously and confidentially handle your information.

Application information: Apply For Job