Network Security Engineer

Job Description

**Job Overview**

We are looking for an experienced Network Security Engineer to design, implement, monitor, and support enterprise security infrastructure across on-premises, cloud, and hybrid environments. The ideal candidate should possess strong expertise in next-generation firewalls, SIEM platforms, cloud security, Zero Trust architecture, and modern cybersecurity operations.

The role requires hands-on experience with technologies such as Fortinet, SonicWall, Palo Alto Networks, SIEM solutions, SASE, SD-WAN, endpoint security, and threat detection platforms.

**Key Responsibilities**

* Design, deploy, and manage enterprise network security solutions
* Configure and administer Fortinet, SonicWall, and Palo Alto firewalls
* Implement and maintain VPNs, IPS/IDS, web filtering, NAT, ACLs, and segmentation policies
* Monitor security events using SIEM, XDR, and SOC monitoring platforms
* Investigate security incidents, perform threat analysis, and support incident response activities
* Manage firewall policies, security rules, and compliance controls
* Implement Zero Trust Network Access (ZTNA) and identity-based security controls
* Support cloud security initiatives across AWS, Azure, and hybrid infrastructure
* Configure and support SD-WAN and Secure Access Service Edge (SASE) solutions
* Conduct vulnerability assessments and remediation activities
* Collaborate with infrastructure, cloud, and application teams to secure enterprise environments
* Maintain security documentation, diagrams, SOPs, and audit records
* Participate in on-call rotations and critical incident handling

**Required Skills \& Technologies**

Firewall \& Network Security

* Fortinet FortiGate
* SonicWall
* Palo Alto Networks
* Check Point (preferred)
* Cisco Firepower / ASA
* VPN Technologies (IPSec / SSL VPN)
* IDS/IPS
* Web Application Firewall (WAF)
* NAC (Network Access Control)

Modern Security Technologies

* Zero Trust Architecture (ZTA)
* ZTNA (Zero Trust Network Access)
* SASE (Secure Access Service Edge)
* SD-WAN Security
* SSE (Security Service Edge)
* CASB (Cloud Access Security Broker)
* Micro-segmentation
* Secure Remote Access Solutions

SIEM, SOC \& Threat Detection

Experience with one or more:

* Splunk
* QRadar
* Microsoft Sentinel
* LogRhythm
* ArcSight
* Elastic SIEM

**Knowledge of:**

* SOC operations
* Threat hunting
* Log correlation
* MITRE ATT\&CK framework
* Incident response
* Threat intelligence integration

Cloud \& Infrastructure Security

* AWS Security
* Microsoft Azure Security
* Hybrid cloud networking
* Cloud firewall management
* Security Groups / NSGs
* Identity \& Access Management (IAM)

Endpoint \& Advanced Security

* EDR/XDR platforms
* CrowdStrike
* Microsoft Defender
* SentinelOne
* Endpoint hardening
* DLP (Data Loss Prevention)
* Email security solutions

Networking Fundamentals

Strong understanding of:

* TCP/IP
* Routing \& Switching
* VLANs
* BGP / OSPF
* DNS / DHCP
* Load Balancing
* Network troubleshooting

Automation \& Scripting (Preferred)

* Python
* PowerShell
* Bash scripting
* Security automation
* SOAR platforms

**Preferred Certifications**

* Fortinet NSE / FCP
* Palo Alto PCNSA / PCNSE
* CCNP Security
* CISSP
* CEH
* CompTIA Security
* Microsoft SC Certifications
* AWS Security Specialty

**Education**

Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field preferred.

**Soft Skills**

* Strong analytical and troubleshooting skills
* Ability to work in high-pressure environments
* Excellent communication and stakeholder management
* Strong documentation and reporting abilities
* Proactive mindset with focus on continuous improvement