Principal Network Engineer

Fidelity

Westlake, Texas(remote)

JOB DETAILS
SKILLS
Amazon Web Services (AWS), Analysis Skills, Application Programming Interface (API), Cisco Network Systems, Cloud Computing, Computer Networks, ERISA (Employee Retirement Income Security Act of 1974), Enterprise Architecture, Enterprise Protection, Financial Services, Firewalls, GCP (Good Clinical Practices), Hewlett-Packard Product Family, High Availability, IP (Internet Protocol) Routing, Investment Services, Juniper Networks Product Family, Linux Operating System, Machine Tool, Microsoft Exchange Server, Microsoft Windows Azure, Microsoft Windows Server, Network Architecture/Engineering, Network Design, Network Operations Center, Network Routing, Network Security, Network Support, Network Switching, Onboarding, Python Programming/Scripting Language, Regulations, Scripting (Scripting Languages), Securities, Securities Investments, Security Information and Event Management (SIEM), Security Infrastructure, ServiceNow, Simulation, State Laws and Regulations, TCP/IP (Transmission Control Protocol/Internet Protocol), Windows PowerShell
LOCATION
Westlake, Texas
POSTED
9 days ago

Job Description:

Note: Fidelity is not providing immigration sponsorship for this position.  

Job Title: Principal Network Engineer – Network Segmentation   

Role Summary  

We are seeking an experienced Network Engineer to support a data center network segmentation initiative focused on implementing micro segmentation and Zero Trust architecture. The role involves designing, deploying, and optimizing segmentation policies using Segmentation platforms. You will be part of the team that leads the strategic shift from traditional flat networks to highly secure, micro-segmented environments across on-premises data centers, global offices, and multi-cloud infrastructure. 

You will work closely with security, infrastructure, and application teams to improve east-west traffic visibility, reduce attack surface, and enforce least-privilege communication. 

 

Location 

Westlake, Texas (Onsite) 

 

Key Responsibilities  

Design and Architecture 

  • Design and implement network segmentation and micro segmentation strategies across data center environments 
  • Develop Zero Trust network architectures aligned with enterprise security policies 
  • Define segmentation models (application-centric, environment-based, etc.) 

Implementation 

  • Deploy and configure:  
  • Segmentation Platforms across On-Prem and Cloud Data Centers 
  • Create and enforce security policies for east-west traffic 
  • Integrate segmentation tooling with:  
  • Firewalls 
  • SIEM/SOAR platforms 
  • CMDB / asset inventory systems 

Traffic Analysis and Policy Creation 

  • Analyze application dependencies and traffic flows 
  • Build and validate allow/deny rules and segmentation policies 
  • Support policy simulation, testing, and enforcement phases 

Operations and Optimization 

  • Monitor segmentation effectiveness and tune policies 
  • Troubleshoot connectivity issues related to segmentation enforcement 
  • Ensure high availability and scalability of segmentation deployments 

Collaboration 

  • Partner with:  
  • Application owners 
  • Security teams 
  • Infrastructure/Cloud teams 
  • Drive workshops and onboarding sessions for segmentation adoption 

 

Qualifications and Skills  

  • 7 – 10 plus years of experience in:  
  • Network engineering 
  • Data center networking 
  • Prior experience in large-scale segmentation or migration projects 
  • Hands-on experience with Segmentation platforms (Illumio, Guardicore (Akamai), Cisco Secure Workload/Tetration) 
  • Strong understanding of:  
  • Networking: Cisco, HP, Arista, Palo Alto, Check Point, Juniper 
  • TCP/IP, routing, switching 
  • Firewalls and ACLs 
  • Network security principles 
  • Experience with:  
  • Application dependency mapping 
  • East-west traffic inspection 
  • Experience with Enterprise Security: 
  • Strong understanding of Zero-Trust Network Access (ZTNA), Secure Access Service Edge (SASE) architectures, and stateful firewalling.  
  • Experience with:  
  • Cloud platforms (AWS, Azure, GCP) 
  • Kubernetes / container networking 
  • Scripting/automation skills:  
  • Python, PowerShell, or APIs 
  • Experience CMDB Tools and Technologies (ServiceNow) 
  • Familiarity with Linux and Windows server environments 
  • Experience working in financial services or highly regulated environments 

Fidelity’s Onsite Working Model
Fidelity is transitioning to a full-time onsite working model through a phased rollout across regions and roles. Currently, some roles and locations require 100% onsite presence, while others require less. Onsite expectations are likely to evolve as the rollout continues. This transition does not apply to fully remote roles.

Certifications:

Category:

Information Technology

Please be advised that Fidelity’s business is governed by the provisions of the Securities Exchange Act of 1934, the Investment Advisers Act of 1940, the Investment Company Act of 1940, ERISA, numerous state laws governing securities, investment and retirement-related financial activities and the rules and regulations of numerous self-regulatory organizations, including FINRA, among others. Those laws and regulations may restrict Fidelity from hiring and/or associating with individuals with certain Criminal Histories.

About the Company

F

Fidelity

We help over ~40 million people feel more confident in their most important financial goals, manage employee benefit programs for nearly 23,000 businesses, and support more than 3,600 advisory firms* with innovative investment and technology solutions to grow their businesses. Our diverse businesses and independence give us insight into the entire market and the stability needed to think and act for the long term as we deliver value to you.
COMPANY SIZE
10,000 employees or more
INDUSTRY
Banking
FOUNDED
1946
WEBSITE
https://jobs.fidelity.com/