Senior Security & Network Engineer

About The Position

Requirements

• A minimum of 7 years of experience in network engineering and security
• Hands-on expertise with: Azure networking (VNets, VPNs, routing, firewall), Fortinet firewalls (FortiGate required), Enterprise LAN/WAN and distributed environments
• Strong understanding of: TCP/IP, routing protocols, and segmentation, VPN technologies and secure remote access, Zero Trust architecture principles
• Experience supporting regulatory frameworks (NIST 800-171, CMMC, or similar)
• Experience with the Microsoft Security Suite(Defender, MDO, Purview, and Sentinel)
• Proven ability to troubleshoot complex hybrid (cloud + on-prem + field) environments

Nice To Haves

• Certifications (preferred): Azure Network Engineer Associate, CISSP, CCNP, or equivalent
• Experience with: SD-WAN design and deployment (Fortinet preferred), Ubiquiti WiFi, Construction or distributed workforce environments, Network monitoring, SIEM, or observability tools, Intune and endpoint management, Vulnerability management, remediation workflows, and security hardening, Infrastructure-as-Code

Responsibilities

• Design, deploy, and maintain Azure networking architectures, including: Virtual Networks (VNets), subnets, and peering, Azure Firewall, NSGs, and routing tables, VPN gateways and hybrid connectivity (site-to-site and point-to-site)
• Support and optimize Azure landing zones and network segmentation
• Ensure secure connectivity between on-prem environments, jobsites, and Azure workloads
• Monitor performance, availability, and cost optimization of Azure network resources
• Manage and support LAN/WAN infrastructure across corporate offices, plants, and jobsites
• Design and implement secure, scalable jobsite connectivity solutions, including temporary and mobile deployments
• Support and evolve SD-WAN architecture to improve reliability, performance, and centralized management
• Configure and maintain: Core switching and routing, VLAN segmentation and IP addressing strategy, Wireless and remote site connectivity
• Troubleshoot complex connectivity, latency, and routing issues across distributed environments
• Design, implement, and manage Fortinet firewall solutions, including: Policy management, rule optimization, and segmentation, VPN configuration and troubleshooting, IDS/IPS and secure access enforcement
• Administer and support Fortinet ecosystem components (FortiGate, FortiClient, EMS, SD-WAN capabilities)
• Implement and manage Microsoft security technologies, including: Microsoft Defender (endpoint, identity, and cloud protection), Entra ID (Azure AD), Conditional Access, and identity governance, Microsoft Purview for data protection and classification
• Enforce Zero Trust principles, least privilege access, and network segmentation strategies
• Assist with implementation and maintenance of technical controls supporting CMMC and NIST SP 800-171 requirements
• Support audits, assessments, and evidence collection for CMMC and other regulatory frameworks
• Collaborate with security leadership to continuously improve cybersecurity posture and risk management
• Participate in incident response, threat monitoring, and vulnerability remediation efforts
• Work closely with IT leadership and cross-functional teams to support business-critical systems and field operations
• Participate in infrastructure planning, including Azure expansion and new site deployments
• Provide escalation support for networking and security incidents
• Maintain network diagrams, security documentation, and configuration standards
• Identify opportunities for automation, standardization, and operational efficiency

Benefits

• medical, dental, and vision insurance
• 401(k) with company match and exceptional profit-sharing plan
• annual performance bonus eligibility
• free employee parking