Network Security Engineer
Job Overview
We are looking for an experienced Network Security Engineer to design, implement, monitor, and support enterprise security infrastructure across on-premises, cloud, and hybrid environments. The ideal candidate should possess strong expertise in next-generation firewalls, SIEM platforms, cloud security, Zero Trust architecture, and modern cybersecurity operations.
The role requires hands-on experience with technologies such as Fortinet, SonicWall, Palo Alto Networks, SIEM solutions, SASE, SD-WAN, endpoint security, and threat detection platforms.
Key Responsibilities
- Design, deploy, and manage enterprise network security solutions
- Configure and administer Fortinet, SonicWall, and Palo Alto firewalls
- Implement and maintain VPNs, IPS/IDS, web filtering, NAT, ACLs, and segmentation policies
- Monitor security events using SIEM, XDR, and SOC monitoring platforms
- Investigate security incidents, perform threat analysis, and support incident response activities
- Manage firewall policies, security rules, and compliance controls
- Implement Zero Trust Network Access (ZTNA) and identity-based security controls
- Support cloud security initiatives across AWS, Azure, and hybrid infrastructure
- Configure and support SD-WAN and Secure Access Service Edge (SASE) solutions
- Conduct vulnerability assessments and remediation activities
- Collaborate with infrastructure, cloud, and application teams to secure enterprise environments
- Maintain security documentation, diagrams, SOPs, and audit records
- Participate in on-call rotations and critical incident handling
Required Skills & Technologies
Firewall & Network Security
- Fortinet FortiGate
- SonicWall
- Palo Alto Networks
- Check Point (preferred)
- Cisco Firepower / ASA
- VPN Technologies (IPSec / SSL VPN)
- IDS/IPS
- Web Application Firewall (WAF)
- NAC (Network Access Control)
Modern Security Technologies
- Zero Trust Architecture (ZTA)
- ZTNA (Zero Trust Network Access)
- SASE (Secure Access Service Edge)
- SD-WAN Security
- SSE (Security Service Edge)
- CASB (Cloud Access Security Broker)
- Micro-segmentation
- Secure Remote Access Solutions
SIEM, SOC & Threat Detection
Experience with one or more:
- Splunk
- QRadar
- Microsoft Sentinel
- LogRhythm
- ArcSight
- Elastic SIEM
Knowledge of:
- SOC operations
- Threat hunting
- Log correlation
- MITRE ATT&CK framework
- Incident response
- Threat intelligence integration
Cloud & Infrastructure Security
- AWS Security
- Microsoft Azure Security
- Hybrid cloud networking
- Cloud firewall management
- Security Groups / NSGs
- Identity & Access Management (IAM)
Endpoint & Advanced Security
- EDR/XDR platforms
- CrowdStrike
- Microsoft Defender
- SentinelOne
- Endpoint hardening
- DLP (Data Loss Prevention)
- Email security solutions
Networking Fundamentals
Strong understanding of:
- TCP/IP
- Routing & Switching
- VLANs
- BGP / OSPF
- DNS / DHCP
- Load Balancing
- Network troubleshooting
Automation & Scripting (Preferred)
- Python
- PowerShell
- Bash scripting
- Security automation
- SOAR platforms
Preferred Certifications
- Fortinet NSE / FCP
- Palo Alto PCNSA / PCNSE
- CCNP Security
- CISSP
- CEH
- CompTIA Security+
- Microsoft SC Certifications
- AWS Security Specialty
Education
Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field preferred.
Soft Skills
- Strong analytical and troubleshooting skills
- Ability to work in high-pressure environments
- Excellent communication and stakeholder management
- Strong documentation and reporting abilities
- Proactive mindset with focus on continuous improvement
