Network Security Engineer

Hiring: W2 Candidates Only

Visa: Open to any visa type with valid work authorization in the USA

We are looking for an experienced Network Security Engineer to design, implement, and manage security infrastructure that protects enterprise networks, data, and systems. The ideal candidate has strong hands-on experience with firewalls, VPNs, IDS/IPS, network segmentation, and cybersecurity best practices.

Key Responsibilities

• Design, deploy, and maintain network security solutions including firewalls, VPNs, IDS/IPS, proxies, and NAC.
• Configure and manage next-generation firewalls (NGFW) such as Palo Alto, Fortinet, Cisco ASA/Firepower, or Check Point.
• Monitor and secure network traffic across LAN/WAN, cloud networks, and perimeter environments.
• Implement and maintain secure remote access solutions, SSL/IPSec VPN, and Zero Trust architecture.
• Conduct firewall rule reviews, security policy optimization, and rule clean-up activities.
• Manage threat prevention tools including URL filtering, sandboxing, malware detection, and intrusion prevention systems.
• Respond to security incidents related to network threats, malware outbreaks, and suspicious traffic patterns.
• Perform network vulnerability assessments and remediate security gaps.
• Work with SIEM platforms (Splunk, QRadar, Sentinel, Elastic) to analyze alerts and logs.
• Configure and manage network segmentation, VLANs, ACLs, and secure routing configurations.
• Collaborate with SOC, Infrastructure, Cloud, and IT teams to implement secure solutions.
• Maintain compliance with security frameworks (ISO 27001, NIST, PCI-DSS, HIPAA).
• Document security configurations, runbooks, and incident response procedures.

Required Skills & Qualifications

• Bachelor s degree in Computer Science, Cybersecurity, Information Technology, or related field.
• 3-8+ years of experience in network security engineering roles.
• Strong understanding of TCP/IP, DNS, DHCP, routing, switching, VPN, VLANs, NAT, and subnetting.
• Hands-on experience with one or more firewall platforms:
  • Palo Alto
  • Cisco ASA/Firepower
  • Fortinet FortiGate
  • Check Point
• Experience with IDS/IPS solutions (Snort, Suricata, Firepower, Palo Alto Threat Prevention).
• Solid understanding of network protocols, packet captures, and traffic analysis tools (Wireshark, tcpdump).
• Experience with SIEM tools for event monitoring and threat detection.
• Knowledge of network segmentation, Zero Trust, and least privilege security models.
• Experience implementing SSL/TLS, IPSec, and certificate-based authentication.
• Ability to troubleshoot complex network and security issues efficiently.

Preferred Qualifications

• Industry certifications such as:
  • PCNSE (Palo Alto), CCNP Security, CEH, CISSP, Security+, Fortinet NSE4-NSE7
• Experience with cloud networking and cloud security (AWS, Azure, Google Cloud Platform).
• Familiarity with automation and scripting (Python, Ansible).
• Hands-on experience with proxies, WAFs, DLP, CASB, or SASE solutions.
• Experience in SOC or incident response environments