Network Security Engineer

Job Summary

We are seeking a dynamic and highly skilled Network Security Engineer to join our team. In this pivotal role, you will be responsible for designing, implementing, and maintaining robust network security measures across diverse IT infrastructure environments. Your expertise will ensure the confidentiality, integrity, and availability of our organization's data and systems. This position offers an exciting opportunity to work with cutting-edge security technologies, influence security policies, and respond proactively to emerging threats. If you thrive in a fast-paced environment and are passionate about safeguarding digital assets, we want to hear from you!

Description

• Hands-on Palo Alto design and Architecture, configuration, deploy and management experience
• Strong Network Security Framework knowledge and experience
• Strong Cisco ACI, Palo Alto Firewall, Fortinet (Replacing Cisco ASA)
• Microsoft Defender, Zscaler, Carbon Black
• Network: Replacing Switches, Vulnerability, VLAN, OSPF/BGP
• Network Security: Firewall (Palo Alto/Fortinet) - Rules, Upgrades, VPN, Logs, DLP and SOC
• Some physical work at datacenter

Duties

• Develop and enforce comprehensive network security strategies aligned with industry standards such as NIST and ISO 27000 to protect organizational assets.
• Configure and manage network security devices including Cisco ASA firewalls, Cisco ISE for identity management, IDS/IPS systems for threat detection, and VPN solutions for secure remote access.
• Conduct vulnerability assessments and penetration testing to identify potential weaknesses within LAN, WAN, SAN, and cloud infrastructure environments like AWS and Google Cloud Platform.
• Monitor network traffic using SIEM tools such as Splunk or SolarWinds to detect suspicious activities, perform log analysis, and initiate incident response procedures promptly.
• Implement system hardening techniques on operating systems including Linux (Debian, CentOS, Ubuntu), Windows, macOS, and UNIX variants to minimize attack surfaces.
• Manage encryption protocols such as IPsec, SSL/TLS, PKI (Public Key Infrastructure), and FIPS standards to secure data in transit and at rest across diverse platforms.
• Lead incident recovery efforts by executing disaster recovery plans, system security plans, and threat detection and response strategies in accordance with FISMA and FedRAMP compliance requirements.

Skills

• Extensive knowledge of computer networking concepts including LAN/WAN architecture, routing protocols (OSPF, BGP), TCP/IP stack, DHCP/DNS services, and network protocols.
• Hands-on experience with firewall management (Cisco ASA), network support tools (SolarWinds, PRTG), load balancing solutions, and high availability configurations.
• Proficiency in scripting languages such as Python or Bash for automation of security tasks and system administration activities.
• Strong understanding of vulnerability management frameworks like DREAD or CVSS; experience with vulnerability research and assessment tools.
• Familiarity with cloud computing platforms (AWS, Azure) including cloud architecture design principles for secure deployment.
• Knowledge of identity and access management (IAM), RBAC policies, SSO integrations (Active Directory), LDAP directories, GPOs, and open-source tools like Ansible or Terraform for infrastructure automation.
• Ability to analyze network traffic using tools like Fiddler or Wireshark; conduct computer forensics; implement system security hardening measures; perform threat intelligence analysis.
• Understanding of compliance standards such as PCI DSS for payment systems; experience with incident management frameworks like ITIL; adherence to SDLC processes for secure software deployment. Join us to be at the forefront of cybersecurity innovation! Your expertise will help shape resilient defenses against evolving cyber threats while advancing your career in a collaborative environment committed to excellence in information security.