Sr. Network Security Engineer

About The Position

Requirements

• Advanced network security engineering, including NGFW, VPN, IDS/IPS, WAF, NAT, VLANs, routing, switching, secure segmentation, network access control, Zero Trust principles, and defense-in-depth architecture.
• Hands-on firewall platform expertise, including policy design, rule optimization, troubleshooting, traffic analysis, change management, and audit support.
• Secure network architecture across enterprise, cloud, retail, and operational technology environments.
• Network-based threat detection, incident response, containment, forensic analysis, and remediation support.
• Operational technology security, including asset visibility, segmentation, monitoring, access control, and risk reduction in environments where uptime and operational reliability are critical.
• Security tools such as Wireshark, Nmap, Nessus, Snort, SIEM platforms, firewall management consoles, vulnerability management tools, and packet analysis tools.
• Cloud security concepts, including cloud firewalls, security groups, secure connectivity, workload protection, logging, and monitoring across Azure, AWS, or similar platforms.
• Threat modeling, risk assessment, vulnerability prioritization, remediation tracking, and security requirements definition.
• Scripting, automation, AI-enabled security tools, and analytics to streamline repetitive security engineering tasks and improve operational efficiency.
• Security documentation and compliance support, including network diagrams, firewall standards, runbooks, implementation plans, change records, audit evidence, and familiarity with PCI DSS, NIST CSF, ISO 27001, HIPAA, or related frameworks.
• Critical thinking and problem-solving, including the ability to assess complex network and security issues, determine root cause, evaluate risk, and implement practical solutions.
• Sound technical judgment, including the ability to balance security requirements with business operations, system availability, scalability, and user impact.
• Strong communication skills in writing, speaking, and presenting to both technical and non-technical audiences.
• Collaboration across Information Security, Infrastructure, Cloud, Networking, Retail, Operational Technology, GRC, and business teams.
• Leadership and influence, including the ability to lead technical initiatives, mentor others, drive alignment, and influence secure outcomes without relying on positional authority.
• Ownership, accountability, and attention to detail.
• Ability to prioritize work effectively in a fast-paced environment.
• Ability to remain calm, focused, and effective during high-severity incidents.
• Curiosity, continuous learning, adaptability, and willingness to evaluate emerging security technologies and threat trends.
• Strong documentation, knowledge-sharing, and stakeholder follow-through.
• Bachelor's Degree in Cyber Security, Information Security, Computer Science, Information Technology, Management Information Systems, or related field
• CISSP, CCNP Security, PCNSE, GIAC certification such as GCFW or GCIA, or other advanced network security certification

Nice To Haves

• Master's Degree in Cyber Security, Information Security, Computer Science, Information Technology, or related field
• Additional certifications related to cloud security, operational technology security, incident response, penetration testing, or Zero Trust architecture

Responsibilities

• Design, implement, and maintain enterprise network security solutions, including firewalls, VPNs, NAT, IDS/IPS, WAF, network segmentation, and secure remote access solutions.
• Lead architecture, deployment, policy creation, rule optimization, and threat prevention for next-generation, cloud, and web application firewall platforms.
• Develop secure network architecture across enterprise IT, cloud, retail, and operational technology environments, including appropriate segmentation, access control, and resilient design.
• Conduct advanced risk assessments, penetration testing support, and threat modeling for network infrastructure, perimeter defenses, IT systems, and OT environments; document findings and track remediation to closure.
• Create and maintain monitoring for network anomalies, support incident response, and lead investigations involving network-based threats.
• Stay current on emerging network threats, vulnerabilities, and security technologies; recommend and implement improvements that reduce risk and improve operational effectiveness.
• Develop, maintain, and enforce network security policies, standards, procedures, diagrams, and related documentation.
• Oversee firewall change management, including rule reviews, impact analysis, stakeholder coordination, audit readiness, and post-change validation.
• Support compliance activities and security control alignment with applicable frameworks, including PCI DSS, NIST CSF, ISO 27001, HIPAA, and related requirements.
• Collaborate with Technology, Infrastructure, Cloud, Networking, Retail, OT, and GRC teams to integrate network security controls into new and existing projects, platforms, and business initiatives.
• Represent Information Security in cross-functional projects and vendor assessments to ensure network security requirements are understood and met.
• Build and support the operational technology security program in partnership with business and technology stakeholders, with focus on OT visibility, segmentation, monitoring, access control, and risk reduction.
• Use automation, analytics, and AI-enabled security tools, where appropriate, to improve productivity, reduce manual effort, and increase consistency in security engineering and operations.
• Mentor junior engineers, provide technical guidance and training on network security best practices, lead related organizational change activities, and participate in the on-call rotation for high-severity incidents.