Network Security Engineer managing operations, implementing security architecture, and providing L3 support. Expertise in Checkpoint, Zscaler, Cloudflare, Aruba Clearpass, and email security required.
Responsibilities
Manage day-to-day Operations according to customer environment. Develop and implement network security architecture, policies, and procedures to protect against threats. Provide L3 level support on critical/Outage situations and drive end to end until the resolution. Create and maintain comprehensive documentation related to network security infrastructure and procedures following the NIST and CIS standards. Identify inefficiencies in the operations and identify potential solutions to improve efficiency. Own and drive improvements in the areas of Operations, technology, Advisory and customer satisfaction. Stay up to date on emerging security threats, technologies, and industry trends. Manage and mentor a team of network security engineers and analysts. Identify possible automation capabilities and deliver across multiple customer environments. Should be cross-skilled across multiple technologies covering products like Firewalls, Web-Proxies, as well as cloud security products (AWS, Azure, GCP etc.). Prepare weekly and monthly performance reports across multiple customer environments. Conduct internal training to address skill gaps and motivate the team to do technical certifications.
Requirements
Minimum overall experience of 8-12 years. Minimum of 8 years’ experience in Information Security. Minimum of 6 years’ experience in running a Security Operations Center for a large organization. Strong expertise in: Implementing and maintaining Checkpoint firewall and associated software module (VPN, URL Filtering, IPS etc.) infrastructure. Good working experience on checkpoint VPN (S2S & Remote access). Deep understanding of Cloudflare content delivery network (CDN) and security solutions, including web application firewalls (WAF), bot management, and DDoS protection. Deep understanding of RADIUS, TACACS+, 802.1X, EAP methods, and networking protocols. Installation and configuration of ClearPass Policy Manager (CPPM), including profiling, onboarding, and guest services. Resolve complex authentication failures, latency issues, and TACACS+ service issues. Proficiency with Zscaler tools (ZIA, ZPA, ZDX), packet capture analysis, and scripting languages (Python, PowerShell) for automation. Design, implement, and tune ZIA/ZPA policies for roaming, branch, and third-party users, utilizing Zscaler’s cloud security concepts. Resolve complex L2/L3 issues related to user connectivity, authentication (SAML, SCIM, Azure AD), and access flows. Deep understanding of Zero Trust Network Access (ZTNA), Firewalls, and IPSec/SSL VPNs. Experience on maintaining any email security gateway platforms to optimize filtering. Experience on Investigation, quarantine, and remediation of malicious, suspicious, or spoofed emails. Design, build, and maintain scalable infrastructure to analyze email patterns and detect anomalies in real-time with the help of Abnormal AI tool. Good understanding of network protocols (HTTP, HTTPS, DNS, TCP/IP). Good command of the English language, with excellent written and verbal skills. Proactive in communication and appropriate selection of audience according to topic. Highly organized and capable of tracking a variety of tasks to closure. Good time management principles and effective in prioritizing workloads. Works collaboratively with other teams and builds positive working relationships. Able to learn quickly and apply common sense to new situations. Open and transparent style and approach when working with others. Places a significant level of importance on personal & team development. Accepting feedback from managers, peers, and clients regarding work performance. Utilizes a goal-oriented approach. Takes the initiative to work on tasks outside of his or her immediate scope of responsibility and encourages others to do so.
Intern in operational security at Investissement Québec, supporting security alert management and vulnerability tracking in a supervised learning environment.
IT Information Security Lead at Mirego, responsible for technology and information security management. Overseeing compliance and IT strategies while maintaining operational efficiency.
Cybersecurity Specialist focusing on offensive security for Exposant 3. Performing penetration testing, security audits, and team knowledge transfer in a hybrid work setup.
Financial security advisor in life and health insurance, developing and maintaining client relationships. Selling insurance products and assessing customer needs to provide personalized solutions.
Senior Security Engineer designing and maintaining Microsoft 365 security solutions at ResMed. Focusing on compliance, incident response, and collaboration with global teams.
Senior Infrastructure professional solving practical security challenges and improving enterprise systems security at Confluence. Focused on implementation, remediation, and secure operations across Windows and Linux environments.
Senior infrastructure professional responsible for vulnerability remediation and security improvements across enterprise systems at Confluence. Hands - on role involving Windows and Linux environments with strong collaboration with Cybersecurity team.
Enterprise Security Architect responsible for implementing information security best practices at SecureOps. Collaborating with clients to analyze networks and provide effective security solutions.
Health, safety, and environment advisor responsible for maintaining compliance and promoting safety practices. Supporting project teams and developing SSE programs to manage risks in the workplace.