Network Security Engineer

We are seeking an experienced Lead Network Security Engineer to take a key role in designing, implementing, and managing our client's enterprise network security architecture in Washington, D.C. This role requires comprehensive expertise across the security domain, focusing on advanced controls like the Palo Alto Networks full stack, Cisco ISE for NAC, and securing complex hybrid environments involving AWS/Azure networking. The Lead Engineer will drive security architecture, lead policy implementation, manage incident response, and integrate security principles early into the development lifecycle ("shift left").

Network Security Engineering & Architecture

• Serve as the Subject Matter Expert (SME) for the Palo Alto Networks security stack (NGFWs, Panorama, Threat Prevention).
• Design, deploy, and manage enterprise network security controls, including IDS/IPS, VPN, Load Balancers, and Network Access Control (NAC) solutions.
• Implement and manage the Cisco Identity Services Engine (ISE) platform for network access and policy enforcement.
• Develop and enforce advanced network segmentation strategies across LAN, WAN, and cloud environments.
• Define and secure networking components and policies within AWS and Azure cloud platforms.
• Manage firewall configuration, maintenance, and upgrades, ensuring assessment of impact on applications.

• Lead the integration of security principles into system designs and deployments, supporting a CI/CD DevSecOps model ("shift left").
• Conduct thorough security assessments and risk analyses, driving compliance with industry best practices.
• Investigate, triage, and respond to network security alerts and incidents, performing forensic analysis as needed.
• Spearhead the collection, tracking, and communication of network security metrics and scorecards to leadership.
• Provide on-call support for critical planned and unplanned network maintenance events.
• Maintain accurate technical documentation, including network architecture diagrams and security plans.

Qualifications

8+ years of experience in Network Security Engineering or a related field.

Deep expertise and hands-on experience with Palo Alto Networks firewalls and management tools.

Proven, hands-on experience with Cisco Identity Services Engine (ISE) or similar enterprise NAC solutions.

Strong understanding of security concepts and networking components in AWS and/or Azure.

In-depth knowledge of the TCP/IP stack and foundational network protocols in securing large-scale environments.

Relevant certifications highly desirable (e.g., PCNSE, CCNP Security, CISSP).

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact

Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).

This posting is open for thirty (30) days.