Network Security Engineer (SASE/ZTNA)

About The Position

Requirements

• Experience - 5+ years in Network/VPN Engineering.
• - 2+ years hands-on experience with SASE/ZTNA platforms and Cloud services.
• Critical Skills - Strong critical thinking and problem-solving skills.
• - Effective communication and teamwork abilities.
• - Fast learner with the ability to adapt to evolving technologies.
• Architecture - Solid understanding of SD-WAN integration with SSE/SASE frameworks.
• OS Proficiency - Deep understanding of Windows 10/11 network behaviors and troubleshooting on client-side devices.
• Routing & Proxy - Strong knowledge of routing protocols, proxy (PAC file configuration), and architecture concepts.
• VPN & NAC - Hands-on experience with Cisco Secure Client (AnyConnect), firewalls, and 802.1X authentication protocols.
• Monitoring & Ops - Proficiency in tools such as SNMP, SIEM, Grafana, and Docker troubleshooting for monitoring operational health.
• SASE/ZTNA - Hands-on expertise with solutions, including Netskope, Zscaler, or Palo Alto Networks Prisma Access.
• Programming Skills - Strong experience with scripting and automation using Python, PowerShell, or Bash.

Nice To Haves

• Certifications such as CCNP Security, NSE4, Zscaler Certified Cloud Engineer, or equivalent are highly desirable.
• Familiarity with secure DevOps principles and CI/CD in cloud environments.
• Experience securing hybrid cloud workloads across AWS, Azure, and Google Cloud.

Responsibilities

• Implementation & Maintenance: Assist in deploying and managing SASE/SSE components, including Secure Web Gateways (SWG), Cloud Access Security Brokers (CASB), Firewall-as-a-Service (FWaaS), SD-WAN, and Zero Trust Network Access (ZTNA).
• Modernizing Access: Support the migration from legacy Cisco Secure Client environments to identity-centric Zero Trust models, ensuring a smooth transition and troubleshooting any challenges.
• Automation & Integration: Write and understand API scripts (e.g., Python, PowerShell, Bash) for automating manual tasks, pulling security telemetry, and integrating Netskope or other cloud-native services.
• Advanced Network Troubleshooting: Routing & Proxy: Diagnose and resolve traffic flow issues, PAC file misconfigurations, transparent proxies, and SSL inspection challenges.
• Protocol Analysis: Utilize Wireshark or tcpdump to troubleshoot complex network paths, including latency, packet loss, and SSL/TLS issues.
• Connectivity: Resolve issues involving VLANs, NAT, 802.1X supplicants, DNS, and SaaS/COTS applications.
• SD-WAN Integration: Collaborate on integrating SD-WAN with SASE platforms for secure traffic steering and optimal performance.
• Infrastructure Monitoring & Health: Manage and monitor network health using SNMP, SIEM, Grafana, and syslog tools. Troubleshoot network connectivity issues within Docker/Linux environments.
• Cloud Security Support: Maintain firewall policies across AWS, Azure, and GCP while managing API-based security integrations with products such as Netskope.

Benefits

• Competitive compensation and benefits package.
• Opportunity to work on cutting-edge SASE/ZTNA solutions and architectures.
• Collaborative environment fostering professional growth and innovation.