Network Security Engineer

Network Security Engineer

Protect and Strengthen USC's Digital Campus

The University of Southern California (USC) is seeking a Network Security Engineer to help safeguard one of the nation's most dynamic academic environments. In this role, you'll play a critical part in strengthening the university's network security posture-protecting systems, data, and users across a complex and evolving infrastructure.

You'll collaborate closely with security operations, governance, and systems teams to design, implement, and optimize security solutions that support USC's academic, research, and administrative missions. This is an opportunity to apply deep technical expertise while contributing to work that truly matters.

What You'll Do

• Design, implement, and maintain network security solutions that protect infrastructure from internal and external threats.
• Evaluate, deploy, and manage firewalls, intrusion prevention systems, web proxies, and data loss prevention technologies.
• Troubleshoot and resolve complex network security issues, partnering with campus departments and ITS stakeholders.
• Perform packet and flow analysis using industry-standard tools to identify risks and improve visibility.
• Support public cloud security architectures (AWS, Azure) and hybrid environments.
• Monitor, upgrade, and patch network security systems using leading-edge practices and tools.
• Contribute to incident response efforts, risk assessments, and operational improvements.
• Develop and maintain clear technical documentation and present findings and recommendations to stakeholders.

Minimum Qualifications

• Bachelor's degree, or combined experience and education as a substitute.
• Minimum of 4 years of relevant experience.

Required Knowledge, Skills, and Abilities

• Experience with Border Gateway Protocol (BGP) and network security technologies including intrusion detection and prevention systems, proxies, firewalls, packet capture, and data loss prevention (DLP) solutions.
• Experience designing and implementing security controls within public cloud environments, such as AWS and/or Azure, including support for hybrid architectures.
• Experience deploying and troubleshooting certificate-based security solutions and public key infrastructure (PKI), including 802.1X authentication, SSL decryption/offloading, and related technologies.
• Experience designing, deploying, and supporting web proxy and content filtering solutions to enforce security policies and support data loss prevention initiatives.
• Demonstrated experience performing packet and flow analysis using a variety of tools, including in-line taps, firewall and IPS appliances, network routers, and host-based tools.
• Experience working with network access control (NAC) platforms, writing shell scripts using Python and/or Bash, and leveraging infrastructure monitoring and alerting tools.
• Experience designing, implementing, and supporting firewall and intrusion prevention system (IPS) architectures in enterprise environments.
• Proven ability to work effectively in project-based environments, collaborating and communicating with individuals and teams across diverse technical and non-technical organizations.
• Ability to generate technical reports, create presentations, and present findings and recommendations to appropriate stakeholders.
• Ability to contribute subject matter expertise to design discussions and support the development and implementation of secure, scalable network solutions.

Preferred Knowledge, Skills, and Abilities

• Experience in IT and/or network engineering roles within enterprise or large-scale environments.
• Hands-on experience designing, implementing, and supporting firewalls, intrusion prevention systems, and infrastructure monitoring tools, with specific preference for Fortinet technologies and SolarWinds.
• Experience working with HPE ClearPass or similar network access control platforms.

In addition, the successful candidate must also demonstrate, through ideas, words and actions, a strong commitment to USC's Unifying Values of integrity, excellence, community, well-being, open communication, and accountability.

Pay Transparency Act Statement

The annual base salary range for this position is $ 135,360.01 - $144,758.48. When extending an offer of employment, the University of Southern California considers factors such as (but not limited to) the scope and responsibilities of the position, the candidate's work experience, education/training, key skills, internal peer equity, federal, state, and local laws, contractual stipulations, grant funding, as well as external market and organizational considerations.

Benefits

To support faculty and staff well-being, provides benefits-eligible employees with a broad range of benefits and perks to help protect their and their dependents' health, wealth, and future. These benefits are available as part of the overall compensation and total rewards package. You can learn more about USC's comprehensive benefits here .

Ready to Make an Impact?

If you're excited to help secure a world-class academic institution and work alongside talented technology professionals, we encourage you to apply today. Submit your application and resume to be considered for this opportunity.

Equal Opportunity Statement

is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or any other characteristic protected by law or policy.

Minimum Education: Bachelor's degree Addtional Education Requirements Combined experience/education as substitute for minimum education Minimum Experience: 4 years Minimum Skills: Experience with Border Gateway Protocol (BGP), intrusion detection, proxies, firewalls, packet capture, and/or data loss prevention. Experience designing and implementing security measures within public cloud environments (e.g., AWS, Azure). Experience troubleshooting and deploying solutions involving certificates and public key infrastructures (802.1X or SSL decryption and offloading), and designing and deploying web proxy and content filtering solutions for data loss prevention. Experience performing packet and flow analysis with various toolsets including in-line taps, firewall/IPS appliances, network routers and hosts. Experience working with network access control platforms, writing shell scripts using Python or Bash, and using infrastructure monitoring tools. Experience designing and working with firewall and intrusion prevention systems. Experience working in project-based environments, able to effectively collaborate and communicate with individuals and teams across an organization. Ability to generate reports, create presentations, and present to appropriate stakeholders. Ability to contribute expertise to design discussions and support the development of network solutions.