Network & Data Security Engineer

Job Summary:

The Network & Data Security Engineer is responsible for designing, implementing, and maintaining secure network infrastructure and data protection systems. This role ensures the confidentiality, integrity, and availability of enterprise data and network resources across cloud and on-prem environments.

Key Responsibilities:

Network Security

• Design, configure, and maintain secure network architectures, including LAN, WAN, VPN, and SD-WAN environments.
• Manage and monitor next-generation firewalls (e.g., Palo Alto, Fortinet, Check Point, Cisco ASA/Firepower).
• Implement and maintain IDS/IPS, DLP, and NAC solutions.
• Conduct vulnerability assessments, penetration testing, and risk mitigation for network components.
• Manage network segmentation and micro-segmentation to limit lateral movement of threats.
• Monitor traffic and analyze logs to detect anomalies and potential intrusions.

Data Security

• Implement and manage data encryption (in transit and at rest) using industry best practices (TLS, IPsec, AES, etc.).
• Manage DLP (Data Loss Prevention) systems to protect sensitive information from unauthorized disclosure.
• Support compliance with data protection regulations (GDPR, HIPAA, PCI-DSS, ISO 27001, etc.).
• Develop and maintain policies for secure data access, storage, and backup.
• Integrate data security controls across cloud platforms (Azure, AWS, Google Cloud Platform).

Incident Response & Monitoring

• Collaborate with SOC teams for real-time threat detection and incident response.
• Analyze and respond to security events, breaches, and policy violations.
• Participate in root cause analysis and create remediation plans.

Automation & Tools

• Utilize SIEM tools (e.g., Splunk, Microsoft Sentinel, QRadar) for event correlation and threat analysis.
• Automate network and security configurations using scripts or tools (Python, PowerShell, Ansible).
• Maintain configuration baselines and documentation for all security appliances and tools.

Collaboration & Governance

• Work closely with IT, DevOps, and Cloud teams to integrate security by design in projects.
• Conduct regular security awareness training and reviews for network and data systems.
• Support audits and maintain documentation for compliance purposes.

Required Skills & Experience:

Technical Skills

• Strong hands-on experience with firewall platforms: Palo Alto (preferred), Fortinet, Cisco ASA/Firepower.
• Expertise in VPN, IPsec, SSL/TLS, DNS security, load balancers, and proxies.
• Familiarity with cloud network security (Azure NSGs, AWS Security Groups, CloudFlare, etc.).
• Knowledge of IDS/IPS, SIEM, DLP, and endpoint protection technologies.
• Proficiency in routing and switching protocols (BGP, OSPF, VLANs, STP).
• Scripting skills for automation (Python, Bash, PowerShell).
• Experience with zero-trust and identity-based network access models.

Soft Skills

• Analytical mindset with strong problem-solving and troubleshooting abilities.
• Excellent written and verbal communication skills.
• Ability to work independently and within cross-functional teams.
• Strong attention to detail and documentation discipline.

Education & Certifications:

• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
• Certifications preferred:
  • Network: CCNP Security, PCNSE (Palo Alto), NSE 4/5/6 (Fortinet)
  • Security: CISSP, CISM, CompTIA Security+, CEH
  • Cloud: Azure Security Engineer Associate, AWS Certified Security Specialty

Experience:

• 3 7 years of hands-on experience in network and data security engineering.
• Proven track record in managing enterprise-scale secure network environments.
• Experience with incident response, security monitoring, and regulatory compliance frameworks.