Our client, a large professional services firm located in greater Philadelphia, PA, is looking to hire an onsite Network Security Engineer for a 6-month contract to hire role. The expectation will be that for the first few months, the consultant will be onsite in Wayne, PA or Philadelphia, PA for 3-4 days per week once a month with leadership and other teams. After first 3 months, travel to Wayne Office and/or Philadelphia Data Center as needed (~3-4 days every 2 Months).
The client is seeking a highly skilled and mission-driven Network Security Engineer to protect the integrity and availability of their platforms, which are vital to K-12 educational organizations. The successful candidate will be responsible for designing, implementing, maintaining, and supporting the network security infrastructure. This role is crucial for safeguarding sensitive data and ensuring continuous, secure access to SaaS solutions for administrators, teachers, and staff across the nation. The consultant will be responsible for security architecture and compliance as well as design, testing, and implementation of robust and scalable secure network solutions, including firewalls, VPNs, micro-segmentation, and security gateways that align with the customer's cloud-first strategy. The consultant must ensure all network infrastructure adheres strictly to internal security policies and external compliance requirements relevant to education technology and data privacy (e.g., FERPA, COPPA, and state-specific regulations).
The engineer will also manage and monitor next-generation network security systems (NGFWs, WAFs, IDS/IPS) to proactively detect, prevent, and respond to cyber threats targeting our network perimeter and internal resources. The consultant will conduct regular security audits, vulnerability assessments, and penetration testing on network infrastructure to identify and remediate weaknesses. They will also be tasked with implementation configuration changes, patching, and upgrades on network security devices with minimal disruption to the critical services
.
The consultant will administer and manage network access control systems (NAC) and AAA services (RADITACACS+) to enforce least privilege access as well as provide incident response and reporting. Part of their role will be to lead the investigation and resolution of network-related security incidents as a key member of the Security Incident Response Team (SIRT) and collaborate with the Security Operations Center (SOC) to fine-tune SIEM correlation rules specifically related to network activity and anomalies.
Required Skills:
- Bachelor's degree in computer science, Information Technology, Cyber Security, or equivalent practical experience in a relevant field.
- 3+ years of professional experience in network engineering with a dedicated focus on security principles and implementation.
- Expert-level knowledge of TCP/IP, routing protocols (BGP, OSPF), and practical experience with securing large-scale, multi-VLAN, and virtualized network environments.
- Hands-on expertise with at least two major enterprise firewall platforms (e.g., Palo Alto, Fortinet, Cisco) and experience managing security in a public cloud environment (AWS or Azure).
- Proficiency in using scripting languages (e.g., Python, Bash) or configuration management tools (e.g., Ansible) to automate repetitive network security tasks.
Desired Skills:
- Certifications: Current, relevant certifications such as CISSP, CCNP Security, PCNSE, or relevant AWS/Azure security certifications.
- SaaS Security: Direct experience securing a high-availability, multi-tenant Software-as-a-Service (SaaS) environment.
- DevSecOps: Familiarity with integrating security controls into CI/CD pipelines and infrastructure as Code (IaC) practices.
- Micro-segmentation: Practical experience designing and implementing Zero Trust or micro-segmentation architectures.
ClearBridge Technology Group is an Equal Opportunity Employer.
We offer excellent benefits and compensation packages.
The expected hourly rate range for this role is: $58.50 - $87.50 per hour
The posted range is an estimate, the actual compensation offer will be based on the candidate's experience, skills, qualifications and will be in line with internal equity.
Never miss an opportunity! Create an alert based on the job you applied for.
