Job Summary

We are seeking a highly skilled Network Engineer with a strong specialization in firewall administration and cloud security to join our dynamic SRE team. The Network Engineer will play a pivotal role in designing, implementing, and maintaining our network security infrastructure, ensuring the protection of our cloud environments and on-premises networks. This role requires expertise in firewall technologies, network security best practices, cloud security principles, and the ability to collaborate with cross-functional teams to safeguard our organization's digital assets.

Key Duties & Responsibilities (in Decreasing Critical Emphasis Order)

1

• Firewall Administration:
• Firewall Configuration: Configure, manage, and maintain firewall devices (Vyatta, Fortinet Fortigate) for on-premises and cloud environments.
• Security Policy Enforcement: Implement and enforce firewall policies to protect against unauthorized access and malicious attacks.
• Log Monitoring and Analysis: Monitor firewall logs for security incidents and respond promptly to mitigate threats.
  
  
  

2

• Network Security:
• Security Assessments: Conduct regular security assessments and vulnerability scans to identify and address potential security risks.
• Incident Response: Participate in incident response activities, investigate security breaches, and coordinate remediation efforts.
• Security Awareness: Promote security awareness within the organization and provide training to team members.
  
  
  

3

• Cloud Security:
• Cloud Security Architecture: Design, implement, and manage cloud security architectures for AWS and GCP environments, including VPCs, security groups, IAM roles, and access controls.
• Cloud Security Services: Leverage cloud-native security services (e.g., WAF, IDS, IPS, SIEM) to protect cloud resources and detect threats.
• Cloud Security Best Practices: Adhere to cloud security best practices and compliance frameworks (e.g., CIS, NIST, ISO 27001).
  
  
  

4

• Network Infrastructure:
• Collaborate with network architects to design and implement network security solutions that meet the organization's needs.
• Troubleshoot and resolve network connectivity issues, ensuring minimal downtime and optimal performance.
• Network Troubleshooting: Diagnose and resolve network issues, including connectivity problems, latency, and packet loss. Collaborate with Support teams to investigate and resolve network-related incidents.
  
  
  

4

• Network Optimization:
• Continuously monitor network performance, identify bottlenecks, and optimize network configurations for efficiency and reliability.
• Capacity Planning:
• Monitor network traffic and usage patterns to identify and address capacity and performance bottlenecks.
• Implement network monitoring tools to proactively identify issues and generate alerts.
• Respond to network alerts and incidents in a timely manner.
• Plan and execute network capacity upgrades as needed.
  
  
  

5

• Documentation:
• Maintain detailed documentation of firewall configurations, network diagrams, and security policies.
• Create and update network documentation to ensure accuracy and consistency.
  
  
  

6

• Incident Response:
• Participate in incident response activities, investigate security incidents, and coordinate efforts to contain and remediate security breaches.
  
  
  

7

• Collaboration and Training:
• Collaborate with other SRE and IT teams to implement security best practices across the organization.
• Provide training and guidance to junior team members on network security and firewall administration.
  
  
  

Qualifications/Skills/Abilities

Minimum Requirements

Formal Education

• Bachelor’s degree in computer science, Information Technology, or a related field (or equivalent experience).
  
  
  

Experience (type & duration)

• 5+ years of proven experience as a Network Engineer with a strong focus on firewall administration.
• Telecom domain experience is good to have.
  
  
  

Skills

• In-depth knowledge of firewall technologies, including but not limited to Cisco ASA, Palo Alto, and Fortinet.
• Familiarity with intrusion detection and prevention systems (IDPS) and security information and event management (SIEM) tools.
• Familiarity with cloud security concepts and technologies (AWS, GCP).
• Strong understanding of network protocols, routing, and switching.
• Vyatta router config good to have
• Working knowledge of vmware
  
  
  

Accreditation/certifications/licenses

• CCNA / CCNP mandatory.
• Certified Information Systems Security Professional (CISSP) or network certification, CCNP, CompTIA network+, etc is a plus.
• Preferred:
• Experience with cloud security certifications (AWS Certified Security - Specialty, GCP Certified Professional Cloud Security Engineer).
• Knowledge of scripting languages (e.g., Python, Bash) for automation.
• Experience with network automation tools.
  
  
  

Preferred

Formal Education

Experience (type & duration)

Skills

Accreditation/certifications/licenses

Travel Requirements