We are seeking a highly skilled Senior Network Security Engineer with deep expertise in Network Security technologies. This is a technical, hands-on role within the Network Security Engineering & Deployment team. The ideal candidate will possess Level 3 / Subject Matter Expert (SME)-level knowledge and practical experience in managing, designing, and troubleshooting Network Security products such as Firewalls, Intrusion Detection & Prevention Systems (IDPS), Web Application Firewalls (WAF), Micro-segmentation, Web Proxies, and DNS.
Roles & Responsibilities
- Part of a team that is responsible for the Network Security Engineering & Deployment function and will play a key role in Datacenter Migration projects.
Network Transformation Architecture :
Lead the design, engineering, and execution of next-generation network transformation solutions.Collaborate with internal teams, including cloud, security, and application stakeholders, to align network infrastructure with business needs.Provide technical leadership in building resilient, scalable, and secure hybrid and multicloud networkenvironments.
Design, Deployment, and Operations :
Architect and deploy advanced Network Security across data centers (DC1 & DC2).Integrate network security products with Cisco ACI environments to deliver seamless and secure connectivity with optimal performance.Act as an escalation point for the Operations team on network security issues, providing Level 3 troubleshooting and SME-level support.Collaborate with vendors, TAC, and internal teams to resolve complex network & Security incidents and escalations.Policy Management and Automation :
Develop and enforce policy-driven network security architectures.Leverage automation tools (e.g., Ansible, Python, XSOR) to enhance operational efficiency and minimize manual interventions.
Ensure compliance with industry standards and internal governance policies while aligning network security configurations with best practices.Documentation and Governance :
Maintain accurate network security diagrams, operational runbooks, and technical documentation.Ensure all security implementations adhere to governance frameworks and meet regulatory compliancerequirements.
Mentorship and Knowledge Sharing :
Provide Level3 / SME-level support and guidance to peers and stakeholders within the organization.Lead knowledge transfer sessions on network security technologies and best practices.Job Requirements :
Preferred qualifications :
Education :
Bachelors or Masters degree in Computer Science, Information Technology, or related field.Certifications : CISSP,CCSA ,CCSE,PCNSE,ICE,BIG-IP ASM Specialist or equivalent will be preferred.Technical Expertise :
10 to 15 years of experience in Network Security technologies like Firewalls, Intrusion Detection & Prevention Systems (IDPS), Web Application Firewalls (WAF), Micro-segmentation, Web Proxies, and DNS.Firewall Technologies :
Next-Generation Firewalls (NGFWs) : Understanding of advanced features like Application Awareness, Intrusion Prevention, and Deep Packet Inspection.Checkpoint Firewall Architecture : Expertise in Threat Prevention, VPNs, and High Availability (HA) configuration.Palo Alto Networks NGFWs : Knowledge of App-ID, WildFire, and User-ID for enhanced security.Firewall Rule Optimization : Experience in defining and fine-tuning access control policies and inspecting network traffic for threats.Expertise in implementing DNS Security solutions to prevent attacks such as DNS Spoofing, Cache Poisoning, and DDoS attacks targeting DNS infrastructure.Intrusion Detection and Prevention Systems (IDPS) :
Signature-Based IDS / IPS : Expertise in configuring and managing signature-based detection.Anomaly-Based IDS / IPS : Deep knowledge of Behavioral Analysis for detecting suspicious patterns and zeroday attacks.Integrated Security Operations : Integration of IDPS with SIEM systems for centralized log management and threat detection.Web Application Security :
Web Application Firewall (WAF) : Expertise in configuring and managing F5 ASM or equivalent WAF solutions for protecting applications from vulnerabilities.Bot Protection and DDoS Mitigation : Knowledge of Bot Management and DDoS Defense strategies for protecting web applications.Microsegmentation and Zero Trust Security :
Microsegmentation : Proficiency in tools like Illumio or Guardicore for isolating and securing workloads within the data center and cloud environments.Zero Trust Architecture (ZTA) : Expertise in defining and enforcing access policies based on identity and device posture, and validating every user and device before granting access.Network Access Control (NAC) :
Aruba ClearPass : Expertise in configuring role-based access control and integrating ClearPass with other networksecurity solutions.
Cisco Identity Services Engine (ISE) : Knowledge of 802.1X, MAB (MAC Authentication Bypass), and Guest Access in NACenvironments.
DNS & IP Address Management (IPAM) :
Infoblox DDI (DNS, DHCP, IPAM) : Experience in configuring and managing Infoblox for network address allocation, DNS resolution, and advanced DNS security.DNS Security : Expertise in securing DNS infrastructure through DNSSEC, DNS filtering, and DNS over HTTPS (DoH). Traffic Visibility & Monitoring :Network Traffic Analysis :
Proficiency in using tools like Wireshark, Riverbed App Response , Cisco Thousand Eyes ,NetFlow, and sFlow for traffic analysis and anomaly detection.Security Information and Event Management (SIEM) :
Expertise in integrating network devices with Splunk, Elastic or Equivalent for threat visibility and incident response.Routing Protocols & VPNs :
BGP (Border Gateway Protocol) : In-depth understanding of BGP routing policies, route filtering, and peering in largescale network environments.OSPF (Open Shortest Path First) : Expertise in dynamic routing configuration, including OSPF multi-area and OSPFv3 for IPv6 support.
Site-to-Site and Remote Access VPNs : Knowledge of configuring IPSec VPNs and SSL VPNs for secure communications across branches and remote users.Soft Skills :
Excellent analytical, problem-solving, and decision-making skills.Strong communication and collaboration skills, with the ability to engage with stakeholders across departments.
Self-motivated with a continuous learning mindset and ability to work under pressure.