Position Summary:

We are looking for aNetwork Security Engineerto support the advancement of our secure access infrastructure and play a key role in managing and modernizing our security operations. The individual will play a significant role in transitioning from a legacy Cisco Secure Client environment to a modern, cloud-nativeSASE (Secure Access Service Edge)architecture, with a strong focus onZero Trust Network Access (ZTNA).If you are a skilled network engineer with a passion for SASE, ZTNA, and automation, we encourage you to apply and help drive our organizations secure and efficient future.

Key Responsibilities:

• Implementation & Maintenance:
  • Assist in deploying and managing SASE/SSE components, including Secure Web Gateways (SWG), Cloud Access Security Brokers (CASB), Firewall-as-a-Service (FWaaS), SD-WAN, and Zero Trust Network Access (ZTNA).
• Modernizing Access:
  • Support the migration from legacy Cisco Secure Client environments to identity-centric Zero Trust models, ensuring a smooth transition and troubleshooting any challenges.
• Automation & Integration:
  • Write and understand API scripts (e.g., Python, PowerShell, Bash) for automating manual tasks, pulling security telemetry, and integratingNetskopeor other cloud-native services.
• Advanced Network Troubleshooting:
  • Routing & Proxy:Diagnose and resolve traffic flow issues, PAC file misconfigurations, transparent proxies, and SSL inspection challenges.
  • Protocol Analysis:UtilizeWiresharkortcpdumpto troubleshoot complex network paths, including latency, packet loss, and SSL/TLS issues.
  • Connectivity:Resolve issues involving VLANs, NAT, 802.1X supplicants, DNS, and SaaS/COTS applications.
  • SD-WAN Integration:Collaborate on integrating SD-WAN with SASE platforms for secure traffic steering and optimal performance.
• Infrastructure Monitoring & Health:
  • Manage and monitor network health usingSNMP, SIEM, Grafana, and syslog tools.
  • Troubleshoot network connectivity issues withinDocker/Linuxenvironments.
• Cloud Security Support:
  • Maintain firewall policies across AWS, Azure, and GCP while managing API-based security integrations with products such asNetskope.

Required Qualifications:

Competency

Requirement

Experience

- 5+ years in Network/VPN Engineering.

- 2+ years hands-on experience with SASE/ZTNA platforms and Cloud services.

Critical Skills

- Strong critical thinking and problem-solving skills.

- Effective communication and teamwork abilities.

- Fast learner with the ability to adapt to evolving technologies.

Architecture

- Solid understanding of SD-WAN integration with SSE/SASE frameworks.

OS Proficiency

- Deep understanding of Windows 10/11 network behaviors and troubleshooting on client-side devices.

Routing & Proxy

- Strong knowledge of routing protocols, proxy (PAC file configuration), and architecture concepts.

VPN & NAC

- Hands-on experience with Cisco Secure Client (AnyConnect), firewalls, and 802.1X authentication protocols.

Monitoring & Ops

- Proficiency in tools such as SNMP, SIEM, Grafana, and Docker troubleshooting for monitoring operational health.

SASE/ZTNA

- Hands-on expertise with solutions, includingNetskope,Zscaler, orPalo Alto Networks Prisma Access.

Programming Skills

- Strong experience with scripting and automation using Python, PowerShell, or Bash.

Preferred Qualifications:

• Certifications such asCCNP Security, NSE4, Zscaler Certified Cloud Engineer, or equivalent are highly desirable.
• Familiarity with secure DevOps principles and CI/CD in cloud environments.
• Experience securing hybrid cloud workloads acrossAWS,Azure, andGoogle Cloud.

Job Benefits:

• Competitive compensation and benefits package.
• Opportunity to work on cutting-edge SASE/ZTNA solutions and architectures.
• Collaborative environment fostering professional growth and innovation.