Senior Network Security Engineer

Job Description:

AssetMark is a leading strategic provider of innovative investment and consulting solutions serving independent financial advisors. We provide investment, relationship, and practice management solutions that advisors use in helping clients achieve wealth, independence, and purpose.

The Job/What You’ll Do:

As the AssetMark portfolio continues to grow, the Technology & Operations team is building technology and IT systems that meet the world class standard for which AssetMark is known. We build, implement and maintain the business systems and technology that are critical for delivering AssetMark’s services, while articulating the long-term technology strategy that will enable AssetMark’s growing solutions that improve the lives of our advisors and their clients.

Within our Security, Network, & Infrastructure teams, there has never been a busier or more urgent time to obtain the best talent we can for this critical function. In light of the constant threats and attacks occurring in companies across the globe, and across all industries, the Cloud Network Team at AssetMark is a growing group of cyber security networking professionals, using the latest tools and resources to protect the assets from our internal infrastructure to the solutions used by our advisors and clients. We are tasked with protecting, training, and implementing the best of the best in tools, resources, monitoring, routing, threat detection, and more.

We can consider candidates for this position who are able to accommodate a hybrid work schedule and are close to out Atlanta, GA office.

Responsibilities:

• Perform regular security audits of network infrastructure to identify vulnerabilities, ensure compliance with security policies, and validate the effectiveness of implemented controls.

• Design, implement, and maintain advanced security solutions, including firewalls, intrusion detection/prevention systems, VPN gateways, and cloud-native security tools.

• Collaborate with IT stakeholders and network administrators to ensure secure, scalable, and efficient network designs that align with organizational standards.

• Develop and maintain automated reporting systems to monitor and present network security metrics and trends to executive management and key stakeholders.

• Develop, maintain, and enforce network security policies, procedures, standards, and guidelines in line with industry best practices and regulatory/compliance frameworks.

• Lead comprehensive security assessments of new and existing network configurations, including affiliated systems, to identify risks and recommend mitigation strategies.

• Work closely with cross-functional teams (e.g., Internal Audit, Legal, Compliance, Privacy) to strengthen the organization’s network and cybersecurity posture.

• Create and maintain custom automation scripts using APIs and scripting languages to streamline network management, security monitoring, and threat analysis.

• Document automation tools and scripts, ensuring clarity, usability, and adherence to internal standards.

• Monitor and fine-tune network performance, identifying and addressing bottlenecks, latency, and other performance issues.

• Troubleshoot and resolve complex network and security issues, escalating where necessary, and implementing solutions to prevent recurrence.

• Manage relationships with network vendors, ensuring service quality and leveraging partnerships to optimize network performance and cost.

• Ensure robust connectivity across all sites, servers, endpoints, and network devices, incorporating redundancy and failover mechanisms where needed.

• Validate and optimize reference architectures and recommend enhancements to improve security, reduce risks, and ensure high availability.

• Lead or participate in incident response efforts related to network and security issues.

• Participate in an on-call rotation, responding to critical incidents and ensuring operational continuity during off-hours, including weekends.
• Other duties as assigned

Knowledge, Skills, Abilities:

• Must be proficient in networking protocols including TCP/IP, UDP, HTTP/HTTPS, FTP/SFTP, DNS, DHCP, SNMP, SMTP/POP3/IMAP, and LDAP, along with their associated security measures and vulnerabilities.
• F5, Palo Alto, Cisco, Meraki, Azure network services, Front Door, NSGs, Route Tables.
• Azure Data Lake Storage experience desired.
• Network Architecture Experience with software defined networking for cloud native and marketplace tools (Palo Alto preferred).
• DevOps Hands-on work with GitHub or Azure DevOps and associated CI/CD tooling.
• Infrastructure as Code Experience utilizing Terraform to automate the deployment of Azure resources; standardization with Infrastructure-as-Code (IaC) implementations.
• Integrating with on prem Infrastructure Designing, implementing, and managing complex network infrastructures across cloud and on-prem environments.
• Exceptional verbal and written communication skills, specifically the ability to communicate within the context of the intended audience, whether that be senior executives or highly technical engineering resources.
• Detailed understanding of the threats faced by direct to consumer and digital platform organizations.
• Working knowledge of at least one programming language (Python, Go etc.)
• Hands on experience securing hybrid and cloud native infrastructure is highly preferred
• Proven hands-on experience hardening network and security appliances
• Detailed technical experience supporting and implementing SIEM & logging tools (Splunk, Kibana, etc.) and the ability to extract actionable intelligence from large volume aggregated log storage.
• Thorough understanding of Network and enterprise IT infrastructure and, specifically the security aspects thereof.
• Thorough understanding of compliance and regulatory frameworks and how they affect architecture designs and reviews.

Education & Experience:

• Bachelor’s Degree in Computer Science, Engineering, or other related discipline or 5+ years of previous network security experience.
• Security certifications are a plus. (CISSP, CCIE, PCNSE, CISA, SANS, Security+, etc.)
• Microsoft AZ-700 certification desired.

Compensation: The Base Salary range for this position is between $135,000-$150,000.

This information reflects a base salary range that AssetMark reasonably expects to pay for the position based on a number of factors which may include job-related knowledge, skills, education, experience, and actual work location. This position will also be eligible for additional variable incentive compensation and competitive benefits.

Candidates must be legally authorized to work in the US to be considered. We are unable to provide visa sponsorship for this position.

#LI-hybrid

#LI-TN1

Who We Are & What We Offer:

AssetMark’s mission is centered around helping financial advisors make a difference in the lives of their clients. To help them do that, we aim to provide advisors with holistic support. We offer compelling technology that facilitates a better client experience, consulting services that ensure advisors’ businesses are running at their best and a comprehensive suite of investment solutions. AssetMark’s platform empowers advisors to provide the highest level of service possible to their clients.

AssetMark’s culture is driven by our mission and connected by our values; Heart, Integrity, Excellence and Respect. You will join a team that lives these values every day by doing the best and what is right in all we do  and encouraging different ideas for continual success and innovation. Additionally, we offer a wide range of benefits to meet the needs of our team members and their families.

• Flex Time Off or Paid Time/Sick Time Off
• 401K – 6% Employer Match
• Medical, Dental, Vision – HDHP or PPO
• HSA – Employer contribution (HDHP only)
• Volunteer Time Off
• Career Development / Recognition
• Fitness Reimbursement
• Hybrid Work Schedule

As an Equal Opportunity Employer, AssetMark is committed to building a diverse and inclusive workplace where everyone feels valued.