network security engineer

About The Position

Requirements

• High school diploma or equivalent.
• Minimum of 5 years of experience in information security and/or network engineering.
• Functional Technology Solutions & Systems Management: Design, maintain, and manage reliable technology infrastructure, solutions and operational systems.
• Data, Security & Digital Integrity: Protect information systems, digital assets, and data through effective security practices and data protection measures.
• Digital Innovation & User Experience: Develop and implement digital solutions to enhance member and team member experiences.
• Communication and Collaboration: Strong interpersonal skills to work with IT teams, management, and external auditors to ensure alignment on security goals and practices.

Nice To Haves

• Strong familiarity with banking or credit union core systems.

Responsibilities

• Research, design, engineer, implement, and support enterprise network security solutions aligned with industry best practices and organizational risk tolerance.
• Administer and maintain Palo Alto firewall infrastructure, including rule lifecycle management (creation, review, optimization, decommission), policy tuning, threat prevention, URL filtering, and firmware updates.
• Manage and mature the organization's Privileged Access Management (PAM) program, including credential vaulting, session monitoring, access policies, and periodic access reviews.
• Administer and enhance Single Sign-On (SSO) and identity federation configurations, ensuring secure authentication flows across enterprise applications.
• Harden and secure the Microsoft 365 environment, including Exchange Online, SharePoint, Teams, Entra ID, and Defender suite configurations, aligned with CIS benchmarks and organizational policy.
• Manage Microsoft Intune, including compliance policies, configuration profiles, conditional access integration, and device hardening standards.
• Develop, implement, and maintain system and network hardening standards across on-premises, cloud, and hybrid environments.
• Perform network traffic analysis and anomaly detection across network infrastructure, coordinating remediation efforts with Technology teams.
• Support network segmentation and microsegmentation strategy to reduce lateral movement risk and meet regulatory expectations.
• Support incident detection and response activities from the network layer, including packet capture, log analysis, and forensic support.
• Contribute to compliance and audit readiness efforts related to network and endpoint security controls (e.g., NCUA, GLBA, PCI-DSS).
• Respond to team member security questions, provide guidance on secure practices, and support security awareness efforts.
• Evaluate new technologies, applications, and vendor solutions for security risk, recommending appropriate safeguards to leadership.
• Stay current on emerging threats, vulnerabilities, and industry standards, applying knowledge to continuously improve the organization's security posture.
• Manage relationships with third-party security vendors, including the organization's Managed Security Services Provider (MSSP) and SIEM platform, ensuring service level expectations are met, alert tuning is current, and escalation processes are effective.
• Coordinate with vendors on security implementations, assessments, and ongoing managed service delivery.
• Maintain network security documentation, including architecture diagrams, runbooks, hardening baselines, and standard operating procedures.
• Support additional initiatives and priorities as directed by leadership.