Job Title: Network Security Engineer / Security Architecture & Operations Specialist - Level 3
Role Overview
Seeking a skilled Network Security Engineer to design, deploy, and operate enterprise security architectures across network, cloud, and security operations environments.
This role focuses on Security Service Edge (SSE), Zero Trust architecture, SIEM engineering, and vulnerability management, ensuring scalable, resilient, and well-integrated security operations capabilities.
The ideal candidate will combine engineering expertise with operational experience, supporting both strategic deployments and day-to-day security operations.
Key Responsibilities 1. Security Service Edge (SSE) & Zero Trust Implementation
- Design and implement SSE and Zero Trust Network Access (ZTNA) solutions
- Configure and manage:
- Secure Web Gateways (SWG)
- VPN (IPSEC/SSL) architectures
- Endpoint agent policies and controls
- Lead user migration to cloud-native security platforms such as Prisma Access, Netskope, or Zscaler
- Optimize access policies aligned to Zero Trust principles (least privilege, segmentation, identity-based access)
2. SIEM Engineering & Security Analytics
- Architect, deploy, and optimize Security Information and Event Management (SIEM) platforms (e.g., Splunk)
- Perform:
- Log/data onboarding and normalization (Common Information Model)
- Development of correlation rules and detection use cases
- Integrate SIEM with:
- Ticketing/workflow systems
- Threat intelligence platforms
- Enhance detection coverage and reduce false positives through tuning and analytics optimization
3. Vulnerability Management Engineering
- Design and operate enterprise vulnerability management programs
- Configure and optimize scanning tools (e.g., Qualys, Tenable):
- Asset discovery and classification
- Scan policy automation
- Deliver:
- Vulnerability remediation insights
- As-built documentation and operational playbooks
4. Network Security & Infrastructure Engineering
- Design and configure multi-vendor firewall architectures, including:
- Palo Alto Networks NGFW
- Zscaler SASE
- Check Point
- Cisco NGFW / Firepower
- Fortinet and Juniper platforms
- Implement secure connectivity:
- IPSEC tunnels, SSL VPN
- Routing, filtering, and segmentation policies
- Support:
- Identity integration (Active Directory, SAML)
- Secure application access controls
5. Security Operations & Staff Augmentation Support
- Provide hands-on operational support and consulting, including:
- SAML-based authentication integrations
- Proxy Auto-Configuration (PAC) file development
- Application segmentation and policy tuning
- Support security operations teams with:
- Incident triage enhancements
- Platform troubleshooting and performance tuning
Required Skills & Experience Core Technical Skills
- Hands-on experience in:
- SSE / Zero Trust platforms (Prisma Access, Netskope, Zscaler)
- SIEM engineering and security analytics (Splunk preferred)
- Strong networking and security knowledge:
- VPNs (IPSEC & SSL)
- Firewalls and network segmentation
- Identity and access integration (AD, SAML)
Tools & Platforms
- SIEM: Splunk Enterprise Security (or equivalent)
- Vulnerability tools:
- Network security:
- Multi-vendor firewall configurations
- Monitoring and analysis tools
Automation & Integration (Preferred)
- Experience integrating:
- SIEM with external platforms (ticketing, threat intel)
- Exposure to scripting/automation for:
- Security operations workflows
- Configuration optimization
Certifications (Preferred)
- CISSP (ISC )
- CompTIA Security+
- Palo Alto PCNSE
- Fortinet NSE 4
- Relevant cloud/security certifications
Soft Skills & Attributes
- Strong engineering mindset with hands-on troubleshooting capability
- Ability to bridge architecture and operations (build vs run)
- Strong documentation skills (design docs, runbooks, as-built artifacts)
- Effective collaboration with SOC, network, and cloud teams
- High attention to detail and problem-solving approach