Job Title: Network Security Microsegmentation Engineer
Location: REMOTE
Pay Rate: Open to W2
Position Type: Multiyear Contract
Candidates must live in the United States and be able to work on our payroll as a W2 hourly contractor. Will consider established 1099’s if you have your OWN company with no other partners, shareholders, family, or employees and have filed taxes under this company for at least one year. No c2c.
The Senior Network Security Engineer must have strong Illumio microsegmentation and Zero Trust expertise, and solid networking, firewall, and troubleshooting skills. Candidates must have a minimum of 7 years of professional network security experience and at least 5 years of professional hands-on experience with Illumio.
This position is a hands-on Network Security Microsegmentation Engineer focused on implementing and operating an enterprise Zero Trust security strategy using Illumio. The engineer will analyze application traffic flows, create and enforce microsegmentation policies, reduce lateral movement risk, troubleshoot connectivity issues, and work closely with infrastructure, application, cybersecurity, and architecture teams. The role combines network security engineering, firewall policy management, traffic analysis, and Zero Trust implementation across on-premises and cloud environments.
The Network Security Microsegmentation Engineer will help advance our enterprise Zero Trust security strategy. This role will focus on designing, implementing, and supporting microsegmentation controls using Illumio to reduce lateral movement risk and enforce least-privilege access across enterprise workloads. The successful candidate will have strong network security experience, practical knowledge of network fundamentals, and hands-on exposure to Illumio or similar microsegmentation platforms. This individual will partner closely with application, infrastructure, cybersecurity, and architecture teams to analyze traffic flows, build segmentation policies, troubleshoot connectivity issues, and support secure application communication. This is a hands-on engineering role suited for someone who understands both the technical depth of network security and the operational discipline required to implement segmentation safely in production environments.
The Network Security Microsegmentation Engineer will support the design, implementation, and operational management of enterprise microsegmentation capabilities. This role will focus on securing application workloads and supporting Zero Trust initiatives using Illumio.
Key Responsibilities
- Design, implement, and maintain microsegmentation policies using Illumio.
- Analyze application communication flows and define dependencies.
- Enforce least-privilege access aligned to Zero Trust principles.
- Deploy segmentation policies across hybrid and on-prem environments.
- Collaborate with application and infrastructure teams.
- Troubleshoot blocked or unexpected traffic.
- Support change management and policy lifecycle operations.
- Document segmentation design and procedures.
Required Qualifications - 7 years experience in network security or cybersecurity engineering.
- 5 years of hands-on experience with Illumio.
- Strong understanding of Zero Trust principles.
- Solid networking fundamentals (TCP/IP, DNS, routing, firewalls).
- Experience with firewall policy design and traffic analysis.
- Strong understanding of network security technologies including firewalls, routing, ACLs, traffic analysis, and policy enforcement across on-premises and cloud environments.
- Experience analyzing network traffic and security logs to troubleshoot application connectivity and segmentation-related issues.
- Strong troubleshooting skills.
- Experience with Windows and Linux.
Preferred Qualifications - Experience implementing microsegmentation policies at enterprise scale.
- Cloud security experience in Azure, AWS, and/or Google Cloud Platform environments.
- Hands-on experience with Palo Alto Networks and/or Check Point firewall administration, policy management, and traffic analysis.
- Experience using Splunk or similar SIEM and log analytics platforms (e.g., Microsoft Sentinel, QRadar, Elastic, LogRhythm) for security monitoring, troubleshooting, and traffic investigation.
- Familiarity with security tools including SIEM, EDR, vulnerability management, and network visibility platforms.
- Scripting or automation experience using PowerShell, Python, or similar languages.
- Relevant security certifications such as CISSP, CCNP Security, PCNSE, CCSM, Security+, or equivalent.
.
System One, and its subsidiaries including Joulé and Mountain Ltd., are leaders in delivering outsourced services and workforce solutions across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan.
System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.
#M-
#LI-
Ref: #851-Rockville-S1