- Sat Dec 13, 2025 3:00 pm#11655
Preparation Guide for the Position of Associate Manager/Manager, Core Network & Perimeter Security – BRAC Bank PLC
Overview
The role is a senior‑level position within the Technology Division of BRAC Bank. It focuses on planning, operating, and securing the bank’s enterprise network infrastructure, including data‑center, campus, and regional networks. Candidates need at least five years of relevant experience (preferably in the banking sector) and a strong technical background in networking, security devices, and automation.
1. Understand the Business Context
1. Study BRAC Bank’s mission, values, and recent initiatives, especially related to sustainability, digital banking, and financial inclusion.
2. Familiarize yourself with Bangladesh’s banking regulations, Bangladesh Bank guidelines, and ISO standards that govern network and security operations.
3. Review typical banking network architectures: how data‑centers, disaster‑recovery sites, and branch networks interconnect, and the security controls required for financial transactions.
2. Match Your Experience to the Key Responsibilities
Create a two‑column list on paper: “Job Requirement” on the left, “My Experience / Example” on the right. Cover each bullet from the posting:
- Network infrastructure planning for DC/DR and campuses – cite projects where you designed or expanded VLANs, routed core/backbone, or implemented MPLS.
- Firewall/IPS operation – describe daily rule‑base management, log analysis, and incident response.
- Proxy, DNS, TACACS, VPN OTP/2FA – mention specific products (e.g., Palo Alto, Fortinet, Cisco ASA, F5, Infoblox) and the scale of users supported.
- Site‑to‑Site and remote‑access VPN – detail configuration of IPsec/IKE, split‑tunneling, and troubleshooting remote client connectivity.
- Network hardening – list steps you took to disable unsafe protocols, enable MACsec, enforce strong cipher suites, or implement port‑security.
- Partner connectivity integration – give examples of onboarding a new ISP, colocation provider, or fintech partner.
- Feasibility analysis – reference capacity‑planning studies, QoS design, or cost‑benefit assessments you performed.
- Monitoring tools – note hands‑on work with DNS, IPAM, Cacti, Rancid, SolarWinds, or similar.
- Asset tracking and vendor liaison – describe your process for equipment inventory, SLA monitoring, and escalation with OEM support.
- Technical writing – attach SOPs, change‑management documents, or network diagrams you authored.
- Compliance – illustrate how you ensured adherence to internal policies, Bangladesh Bank directives, and ISO 27001/27002.
- OEM coordination – mention regular meetings with vendors such as Cisco, Juniper, Palo Alto, or Fortinet.
For each item, quantify results (e.g., “Reduced firewall rule base maintenance time by 30 % through automation scripts” or “Implemented VPN solution supporting 2,000 concurrent remote users with 99.9 % uptime”).
3. Strengthen Core Technical Skills
- Networking: Deepen knowledge of routing protocols (OSPF, BGP, EIGRP), switching (VXLAN, STP, LACP), and LAN/WAN design. Practice lab scenarios on GNS3/Packet Tracer or real hardware if available.
- Security Devices: Get hands‑on with at least one firewall platform (Palo Alto, FortiGate, Cisco ASA) and an IPS/IDS solution. Configure policies, NAT, VPN tunnels, and perform log analysis.
- Proxy/DNS/TACACS: Set up a forward and recursive DNS server (Bind/PowerDNS), an HTTP/HTTPS proxy (Squid), and a TACACS+ server (Cisco ACS or FreeRADIUS). Test authentication flows and logging.
- VPN: Build site‑to‑site IPsec tunnels and SSL remote‑access VPNs. Experiment with multi‑factor authentication integration (RSA SecurID, Duo, Google Authenticator).
- Automation & Scripting: Refresh Python or Bash skills. Write scripts to pull firewall rules, generate configuration backups, or update DNS entries via API. Familiarize yourself with Ansible playbooks for network device provisioning.
- Monitoring & IPAM: Practice using Cacti for SNMP graphing and Rancid for configuration backup. If possible, deploy an open‑source IPAM solution (phpIPAM) and integrate it with DNS.
- Hardening: Review CIS Benchmarks for network devices and implement recommended configurations in a lab.
4. Certifications and Formal Learning
While not mandatory, certifications will differentiate you:
- Cisco CCNP (Enterprise) or CCIE – validates routing, switching, and security expertise.
- Palo Alto Networks PCNSE – demonstrates firewall and Panorama proficiency.
- Fortinet NSE4 – focuses on FortiGate firewall and security fabric.
- Check Point CCSA/CCSE – alternative firewall certification.
- CompTIA Security+ or (ISC)² SSCP – broad security fundamentals.
- Certified Information Systems Security Professional (CISSP) – useful for governance and compliance knowledge.
If you already hold any, list them prominently on your CV. If not, consider enrolling in a short‑term course or online lab platform (e.g., INE, Pluralsight, Udemy) to acquire the badge before your interview.
5. Resume & Cover Letter Tailoring
- Use a clean, professional layout (no fancy graphics).
- Begin with a “Professional Summary” of 3‑4 lines highlighting 5+ years of network & security experience in the banking sector and your key strengths (planning, hardening, automation).
- Under “Core Competencies” list: Network Architecture, Firewall/IPS Management, VPN & Remote Access, DNS/IPAM, Scripting/Automation, Vendor Management, Compliance (Bangladesh Bank, ISO 27001), Technical Documentation.
- In “Professional Experience,” structure each role with bullet points that map directly to the job responsibilities (see Section 2). Start each bullet with a strong action verb and include measurable outcomes.
- Add a “Certifications” section – even “In progress” items are valuable.
- In the cover letter, convey your alignment with BRAC Bank’s purpose‑driven culture, your user‑centric mindset, and your commitment to proactive problem solving. Mention any prior experience working in a regulated financial environment.
6. Soft‑Skill Preparation
- Customer‑centric attitude: Prepare anecdotes where you resolved a critical user issue or improved service delivery.
- Team collaboration: Highlight instances of cross‑functional projects (e.g., working with application teams, security ops, or compliance).
- Communication: Be ready to discuss how you translate technical concepts for non‑technical stakeholders.
- Time‑management: Share examples of meeting tight change‑window deadlines without service disruption.
7. Research the Interview Process
From the posting, the bank follows a standard recruitment flow:
1. Resume screening – ensure your CV passes keyword filters.
2. Short‑list notification – you will likely receive an email with next‑step instructions.
3. Technical interview – may include scenario‑based questions, hands‑on lab tasks, or configuration reviews.
4. HR interview – focuses on cultural fit, values, and behavioral questions.
Prepare for each stage:
- Technical: Review common networking interview questions (e.g., “Explain how you would troubleshoot a BGP flapping route” or “Describe the steps to harden a firewall”). Practice with mock labs where you configure firewalls, VPNs, and DNS.
- Behavioral: Use the STAR method (Situation, Task, Action, Result). Prepare stories for teamwork, conflict resolution, deadline pressure, and continuous improvement.
8. Practical Mock Exercises
- Build a small lab (virtual or physical) with two routers, two switches, a firewall (e.g., Palo Alto VM), a DNS server, and a proxy. Simulate a branch‑to‑core connection, apply ACLs, and enforce a VPN tunnel.
- Write a short SOP (1‑2 pages) for “Creating a new site‑to‑site VPN” including pre‑checks, configuration steps, validation, and rollback.
- Generate a network diagram (use draw.io or Visio) for a hypothetical three‑site architecture, labeling all security devices, VLANs, and IP addressing scheme.
9. Final Checklist Before Application
- Updated resume (PDF, ATS‑friendly) and tailored cover letter.
- List of certifications (including upcoming ones).
- References (preferably senior colleagues from prior banking or security roles).
- Copies of any published SOPs, diagrams, or technical documents (redacted if needed) to discuss during interview.
10. Application Submission
Visit the provided link (https://hotjobs.bdjobs.com/jobs/bracban ... ank882.htm) and follow the online instructions. Attach the PDF files, double‑check that all fields are correctly filled, and submit before the deadline (Dec 13 2025). Keep a record of the submission confirmation email for future reference.
11. Post‑Submission
- Set a reminder to follow up politely after 7‑10 days if you have not heard back.
- Continue sharpening technical skills and reviewing BRAC Bank’s recent news, so you stay fresh for the interview.
Good luck! Your thorough preparation, combined with clear mapping of experience to the role’s requirements, will position you strongly for this senior network and security opportunity at BRAC Bank.
Overview
The role is a senior‑level position within the Technology Division of BRAC Bank. It focuses on planning, operating, and securing the bank’s enterprise network infrastructure, including data‑center, campus, and regional networks. Candidates need at least five years of relevant experience (preferably in the banking sector) and a strong technical background in networking, security devices, and automation.
1. Understand the Business Context
1. Study BRAC Bank’s mission, values, and recent initiatives, especially related to sustainability, digital banking, and financial inclusion.
2. Familiarize yourself with Bangladesh’s banking regulations, Bangladesh Bank guidelines, and ISO standards that govern network and security operations.
3. Review typical banking network architectures: how data‑centers, disaster‑recovery sites, and branch networks interconnect, and the security controls required for financial transactions.
2. Match Your Experience to the Key Responsibilities
Create a two‑column list on paper: “Job Requirement” on the left, “My Experience / Example” on the right. Cover each bullet from the posting:
- Network infrastructure planning for DC/DR and campuses – cite projects where you designed or expanded VLANs, routed core/backbone, or implemented MPLS.
- Firewall/IPS operation – describe daily rule‑base management, log analysis, and incident response.
- Proxy, DNS, TACACS, VPN OTP/2FA – mention specific products (e.g., Palo Alto, Fortinet, Cisco ASA, F5, Infoblox) and the scale of users supported.
- Site‑to‑Site and remote‑access VPN – detail configuration of IPsec/IKE, split‑tunneling, and troubleshooting remote client connectivity.
- Network hardening – list steps you took to disable unsafe protocols, enable MACsec, enforce strong cipher suites, or implement port‑security.
- Partner connectivity integration – give examples of onboarding a new ISP, colocation provider, or fintech partner.
- Feasibility analysis – reference capacity‑planning studies, QoS design, or cost‑benefit assessments you performed.
- Monitoring tools – note hands‑on work with DNS, IPAM, Cacti, Rancid, SolarWinds, or similar.
- Asset tracking and vendor liaison – describe your process for equipment inventory, SLA monitoring, and escalation with OEM support.
- Technical writing – attach SOPs, change‑management documents, or network diagrams you authored.
- Compliance – illustrate how you ensured adherence to internal policies, Bangladesh Bank directives, and ISO 27001/27002.
- OEM coordination – mention regular meetings with vendors such as Cisco, Juniper, Palo Alto, or Fortinet.
For each item, quantify results (e.g., “Reduced firewall rule base maintenance time by 30 % through automation scripts” or “Implemented VPN solution supporting 2,000 concurrent remote users with 99.9 % uptime”).
3. Strengthen Core Technical Skills
- Networking: Deepen knowledge of routing protocols (OSPF, BGP, EIGRP), switching (VXLAN, STP, LACP), and LAN/WAN design. Practice lab scenarios on GNS3/Packet Tracer or real hardware if available.
- Security Devices: Get hands‑on with at least one firewall platform (Palo Alto, FortiGate, Cisco ASA) and an IPS/IDS solution. Configure policies, NAT, VPN tunnels, and perform log analysis.
- Proxy/DNS/TACACS: Set up a forward and recursive DNS server (Bind/PowerDNS), an HTTP/HTTPS proxy (Squid), and a TACACS+ server (Cisco ACS or FreeRADIUS). Test authentication flows and logging.
- VPN: Build site‑to‑site IPsec tunnels and SSL remote‑access VPNs. Experiment with multi‑factor authentication integration (RSA SecurID, Duo, Google Authenticator).
- Automation & Scripting: Refresh Python or Bash skills. Write scripts to pull firewall rules, generate configuration backups, or update DNS entries via API. Familiarize yourself with Ansible playbooks for network device provisioning.
- Monitoring & IPAM: Practice using Cacti for SNMP graphing and Rancid for configuration backup. If possible, deploy an open‑source IPAM solution (phpIPAM) and integrate it with DNS.
- Hardening: Review CIS Benchmarks for network devices and implement recommended configurations in a lab.
4. Certifications and Formal Learning
While not mandatory, certifications will differentiate you:
- Cisco CCNP (Enterprise) or CCIE – validates routing, switching, and security expertise.
- Palo Alto Networks PCNSE – demonstrates firewall and Panorama proficiency.
- Fortinet NSE4 – focuses on FortiGate firewall and security fabric.
- Check Point CCSA/CCSE – alternative firewall certification.
- CompTIA Security+ or (ISC)² SSCP – broad security fundamentals.
- Certified Information Systems Security Professional (CISSP) – useful for governance and compliance knowledge.
If you already hold any, list them prominently on your CV. If not, consider enrolling in a short‑term course or online lab platform (e.g., INE, Pluralsight, Udemy) to acquire the badge before your interview.
5. Resume & Cover Letter Tailoring
- Use a clean, professional layout (no fancy graphics).
- Begin with a “Professional Summary” of 3‑4 lines highlighting 5+ years of network & security experience in the banking sector and your key strengths (planning, hardening, automation).
- Under “Core Competencies” list: Network Architecture, Firewall/IPS Management, VPN & Remote Access, DNS/IPAM, Scripting/Automation, Vendor Management, Compliance (Bangladesh Bank, ISO 27001), Technical Documentation.
- In “Professional Experience,” structure each role with bullet points that map directly to the job responsibilities (see Section 2). Start each bullet with a strong action verb and include measurable outcomes.
- Add a “Certifications” section – even “In progress” items are valuable.
- In the cover letter, convey your alignment with BRAC Bank’s purpose‑driven culture, your user‑centric mindset, and your commitment to proactive problem solving. Mention any prior experience working in a regulated financial environment.
6. Soft‑Skill Preparation
- Customer‑centric attitude: Prepare anecdotes where you resolved a critical user issue or improved service delivery.
- Team collaboration: Highlight instances of cross‑functional projects (e.g., working with application teams, security ops, or compliance).
- Communication: Be ready to discuss how you translate technical concepts for non‑technical stakeholders.
- Time‑management: Share examples of meeting tight change‑window deadlines without service disruption.
7. Research the Interview Process
From the posting, the bank follows a standard recruitment flow:
1. Resume screening – ensure your CV passes keyword filters.
2. Short‑list notification – you will likely receive an email with next‑step instructions.
3. Technical interview – may include scenario‑based questions, hands‑on lab tasks, or configuration reviews.
4. HR interview – focuses on cultural fit, values, and behavioral questions.
Prepare for each stage:
- Technical: Review common networking interview questions (e.g., “Explain how you would troubleshoot a BGP flapping route” or “Describe the steps to harden a firewall”). Practice with mock labs where you configure firewalls, VPNs, and DNS.
- Behavioral: Use the STAR method (Situation, Task, Action, Result). Prepare stories for teamwork, conflict resolution, deadline pressure, and continuous improvement.
8. Practical Mock Exercises
- Build a small lab (virtual or physical) with two routers, two switches, a firewall (e.g., Palo Alto VM), a DNS server, and a proxy. Simulate a branch‑to‑core connection, apply ACLs, and enforce a VPN tunnel.
- Write a short SOP (1‑2 pages) for “Creating a new site‑to‑site VPN” including pre‑checks, configuration steps, validation, and rollback.
- Generate a network diagram (use draw.io or Visio) for a hypothetical three‑site architecture, labeling all security devices, VLANs, and IP addressing scheme.
9. Final Checklist Before Application
- Updated resume (PDF, ATS‑friendly) and tailored cover letter.
- List of certifications (including upcoming ones).
- References (preferably senior colleagues from prior banking or security roles).
- Copies of any published SOPs, diagrams, or technical documents (redacted if needed) to discuss during interview.
10. Application Submission
Visit the provided link (https://hotjobs.bdjobs.com/jobs/bracban ... ank882.htm) and follow the online instructions. Attach the PDF files, double‑check that all fields are correctly filled, and submit before the deadline (Dec 13 2025). Keep a record of the submission confirmation email for future reference.
11. Post‑Submission
- Set a reminder to follow up politely after 7‑10 days if you have not heard back.
- Continue sharpening technical skills and reviewing BRAC Bank’s recent news, so you stay fresh for the interview.
Good luck! Your thorough preparation, combined with clear mapping of experience to the role’s requirements, will position you strongly for this senior network and security opportunity at BRAC Bank.

