Senior Network Security Engineer – L3

B2. Primary Roles & Responsibilities:

1. Network Security Architecture & Design: 
   • Lead the design, implementation, and optimization of robust, scalable, and secure network architectures for enterprise and data center environments.
   • Develop and maintain network security policies, standards, and procedures in alignment with industry best practices and compliance requirements.
   • Conduct security assessments and vulnerability analyses of existing network infrastructure, recommending and implementing remediation strategies.
2. Operations & Troubleshooting: 
   • Provide expert-level operational support and troubleshooting for complex network security issues, ensuring minimal downtime and business continuity.
   • Manage and maintain various network security devices and platforms including, but not limited to, Firewalls (Next-Gen and traditional), Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF), VPN gateways, Load Balancers, and Network Access Control (NAC) solutions.
   • Monitor network security performance, health, and capacity, implementing proactive measures to prevent issues.
3. Customer Relationship Management: 
   • Serve as a primary technical point of contact for key customers, understanding their unique security needs and translating them into technical solutions.
4. Team Leadership & Mentorship: 
   • Lead and mentor a team of network engineers, fostering skill development, knowledge sharing, and adherence to best practices.
   • Participate in the recruitment and training of new team members.
5. Project Management & Delivery: 
   • Lead and execute network security projects from inception to completion, ensuring timely delivery within scope and budget.
6. Innovation & Continuous Improvement: 
   • Stay abreast of the latest trends, threats, and advancements in network security technologies and methodologies.
7. Drive continuous improvement initiatives within the network security domain.

 

B3. Expected Experience and Expertise

• 12+ years of hands-on experience in designing, implementing, and managing complex network security solutions in enterprise-level environments.
• Deep expertise in various firewall technologies (Palo Alto, Fortinet, Cisco, Check Point), including policy management, VPN configuration, advanced threat prevention features (IPS, URL Filtering, WildFire/Sandbox, AV).
• Strong understanding and experience with Intrusion Prevention Systems (IPS) and their deployment and tuning.
• Proficiency with VPN technologies (IPSec, SSL VPN) for site-to-site and remote access connectivity.
• Hands-on experience with Load Balancers (e.g., F5 BIG-IP LTM/ASM, NetScaler) and Web Application Firewalls (WAFs).
• Experience with Network Access Control (NAC) solutions (e.g., Cisco ISE, Aruba ClearPass).
• Solid understanding of routing and switching protocols (OSPF, BGP, EIGRP, VLANs, STP, etc.) and their security implications.
• Experience with DDoS mitigation techniques and solutions.
• Working knowledge of cloud security principles and experience with security controls in AWS, Azure, or GCP.

 

B4. Certifications

Nice-to-Have

• Palo Alto Networks Certified Network Security Engineer (PCNSE): Essential for hands-on expertise with Palo Alto Networks Next-Generation Firewalls, a widely used platform.
• Fortinet Certified Network Security Expert (FCX / NSE 8) OR Fortinet Certified Network Security Professional (NSE 7): Demonstrates expert-level proficiency with Fortinet security products, particularly FortiGate firewalls and the Fortinet Security Fabric.
• Check Point Certified Security Master (CCSM) OR Check Point Certified Security Expert (CCSE): Indicates high-level proficiency with Check Point security solutions.

 

B5. Leadership skills

1. Team player
2. Able to lead a team