NETSKOPE RESIDENT ENGINEER

Brillio will provide an expert level Sr. Security Engineer that is a Netskope Certified Cloud Security Architect (“Brillio Resident Engineer”) to provide ongoing discovery, design, integration and deployment, testing, troubleshooting, and support as per Customer’s methodology. Effort allocation shall be at the direction of the Customer. Below are activities that shall be conducted by the Brillio Resident Engineer.

In Discovery and Design activity, the Brillio Resident Engineer will host technical sessions to understand Customer’s network and security environment and discuss the technical deployment of the aspects of the Netskope solution and use cases under consideration at the time. As per the Customer’s objectives, requirements and/or design documents shall be created along with planning, test, and go live documentation as defined by Customer’s methodology.

• Conduct technical design sessions to understand and confirm Customer's use cases and requirements.
• Discuss the deployment of the Netskope solution in accordance with best practices, Customer’s policies, and processes.
• Host policy and governance sessions with Information Security Office personnel to design Netskope policy as deemed necessary by Customer’s Information Security Policy
• Create necessary documents per Customer’s requirements.

In Configuration, Integration, and Design activities, the Brillio Resident Engineer will perform hands-on Netskope configuration of policy and integrations as designed. The Brillio Resident Engineer will collaborate with the Customer internal resources under the direction of Customer. As per the Customer’s Netskope licensing, requirements and design, the following technical efforts may be included to be delivered alongside Customer personnel.

• Analyze and Configure Customer’s User Directory synchronized with the Netskope tenant, either via a Directory Importer running on a Windows server or via SCIM integration, the integration with Customer’s IdP for Single Sign-On (SSO) to the Netskope tenant and configuration of Role Based Access Controls (RBAC)
• Setup Forward Proxy Steering methods to steer SaaS applications, Private applications, all Web traffic, or All Traffic to the Netskope tenant.
• Advise and assist in traffic shaping/steering from current network egress devices.
• Advise and assist in Netskope Client rollout plans and implementation.
• Per Customer approved designs, configure Cloud Access Security Broker (CASB) API integrations as licensed and required by Customer.
• Per Customer approved policy approach, configure DLP policies for API integrations and forward proxy based on predefined profiles (e.g., PII, PCI, GDPR) or custom Customer requirements to prevent the exfiltration of data via SaaS applications and posting on web forms.
• Per Customer approves designs, configure Secure Web Gateway (SWG) and Web policies based on predefined Web classifications and custom Customer requirements to monitor and block specific web traffic.
• Per Customer approved designs, configure Netskope Threat Protection malware and remediation as well as Cloud Threat Exchange and integration with supported solutions.
• Per Customer approved designs, setup UEBA capability allowing to detect anomalies and baseline the users and entities behaviors.
• Per Customer approved designs, integrate Netskope Private Access (NPA) with Customer applications.
• Per customer approved designs, integrate Netskope with additional third-party apps and platforms such as SIEM.