Position Summary:
We are looking for a
Network Security Engineerto support the advancement of our secure access infrastructure and play a key role in managing and modernizing our security operations. The individual will play a significant role in transitioning from a legacy Cisco Secure Client environment to a modern, cloud-native
SASE (Secure Access Service Edge)architecture, with a strong focus on
Zero Trust Network Access (ZTNA).If you are a skilled network engineer with a passion for SASE, ZTNA, and automation, we encourage you to apply and help drive our organizations secure and efficient future.
Key Responsibilities:
- Implementation & Maintenance:
- Assist in deploying and managing SASE/SSE components, including Secure Web Gateways (SWG), Cloud Access Security Brokers (CASB), Firewall-as-a-Service (FWaaS), SD-WAN, and Zero Trust Network Access (ZTNA).
- Modernizing Access:
- Support the migration from legacy Cisco Secure Client environments to identity-centric Zero Trust models, ensuring a smooth transition and troubleshooting any challenges.
- Automation & Integration:
- Write and understand API scripts (e.g., Python, PowerShell, Bash) for automating manual tasks, pulling security telemetry, and integratingNetskopeor other cloud-native services.
- Advanced Network Troubleshooting:
- Routing & Proxy:Diagnose and resolve traffic flow issues, PAC file misconfigurations, transparent proxies, and SSL inspection challenges.
- Protocol Analysis:UtilizeWiresharkortcpdumpto troubleshoot complex network paths, including latency, packet loss, and SSL/TLS issues.
- Connectivity:Resolve issues involving VLANs, NAT, 802.1X supplicants, DNS, and SaaS/COTS applications.
- SD-WAN Integration:Collaborate on integrating SD-WAN with SASE platforms for secure traffic steering and optimal performance.
- Infrastructure Monitoring & Health:
- Manage and monitor network health usingSNMP, SIEM, Grafana, and syslog tools.
- Troubleshoot network connectivity issues withinDocker/Linuxenvironments.
- Cloud Security Support:
- Maintain firewall policies across AWS, Azure, and GCP while managing API-based security integrations with products such asNetskope.
Required Qualifications:
Competency
Requirement
Experience
- 5+ years in Network/VPN Engineering.
- 2+ years hands-on experience with SASE/ZTNA platforms and Cloud services.
Critical Skills
- Strong critical thinking and problem-solving skills.
- Effective communication and teamwork abilities.
- Fast learner with the ability to adapt to evolving technologies.
Architecture
- Solid understanding of SD-WAN integration with SSE/SASE frameworks.
OS Proficiency
- Deep understanding of Windows 10/11 network behaviors and troubleshooting on client-side devices.
Routing & Proxy
- Strong knowledge of routing protocols, proxy (PAC file configuration), and architecture concepts.
VPN & NAC
- Hands-on experience with Cisco Secure Client (AnyConnect), firewalls, and 802.1X authentication protocols.
Monitoring & Ops
- Proficiency in tools such as SNMP, SIEM, Grafana, and Docker troubleshooting for monitoring operational health.
SASE/ZTNA
- Hands-on expertise with solutions, includingNetskope,Zscaler, orPalo Alto Networks Prisma Access.
Programming Skills
- Strong experience with scripting and automation using Python, PowerShell, or Bash.
Preferred Qualifications:
- Certifications such asCCNP Security, NSE4, Zscaler Certified Cloud Engineer, or equivalent are highly desirable.
- Familiarity with secure DevOps principles and CI/CD in cloud environments.
- Experience securing hybrid cloud workloads acrossAWS,Azure, andGoogle Cloud.
Job Benefits:
- Competitive compensation and benefits package.
- Opportunity to work on cutting-edge SASE/ZTNA solutions and architectures.
- Collaborative environment fostering professional growth and innovation.
