Network Security Engineer – III

This is a fully remote position, open to applicants in India.

📋 Description

• Lead the migration, configuration, and maintenance of Cisco ASA (Classic) and Firepower (FTD) systems while overseeing a robust Palo Alto environment through Panorama.

• Design and manage F5 BIG-IP solutions, concentrating on LTM (Local Traffic Manager) for load balancing and ASM/WAF (Application Security Manager) to safeguard web applications.

• Implement and oversee micro-segmentation policies and virtualized security services within VMware NSX (T/V) environments.

• Develop strategies for migrating legacy Cisco ASA rulesets to Cisco Firepower or Palo Alto NGFWs without causing service interruptions.

• Serve as the highest escalation point for intricate network outages, security incidents, or performance issues across the global network.

• Deliver outstanding customer support via phone and ticketing systems.

• Manage level-appropriate customer inquiries and concerns, ensuring they are resolved effectively.

• Handle support escalations from fellow engineers and support teams in accordance with established escalation procedures.

• Collaborate with Service Delivery Managers and Account Executives to foster strong customer relationships.

• Work closely with customers during the pre-implementation phase to design and architect tailored solutions.

• Collaborate with the implementation team to perform quality checks on deployments and conduct initial vulnerability assessments as part of the customer environment acceptance process.

• Research, plan, and coordinate complex maintenance activities.

• Participate in Root Cause Analysis (RCA) exercises to enhance processes and technologies.

• Share knowledge and collaborate with other administrators and engineers through articles and training presentations.

• Contribute to the creation of technical best practices for administrative tasks.

• Prepare and review established policy and process standards.

• Effectively communicate, both verbally and in writing, with customers and internal stakeholders, including preparing and delivering presentations to customers both electronically and on-site.

• Must be willing to work a flexible schedule, providing 24x7x365 coverage, including holidays and weekends.

⛳️ Requirements

• Advanced knowledge of Cisco ASA (CLI/ASDM) and Firepower Threat Defense (FTD) managed via FMC.

• Extensive experience with Palo Alto NGFW features (App-ID, User-ID, SSL Decryption).

• Proficiency in F5 BIG-IP, including iRules development, SSL offloading, and traffic steering.

• Hands-on experience with VMware NSX, specifically in configuring distributed firewalls (DFW) and edge gateways.

• Mastery of TCP/IP, BGP, OSPF, and deep packet inspection.

• Candidates must possess industry-recognized certifications:

• 1. Cisco Security (Primary): CCNP Security – Required. CCIE Security – Highly Preferred. Specialist certifications in Firepower or ASA are a notable advantage.

• 2. Palo Alto Networks (Secondary): PCNSE (Palo Alto Networks Certified Network Security Engineer) – Highly Preferred.

• 3. Supplemental (Preferred): F5-CTS (Certified Technology Specialist). VCP-NV (VMware Certified Professional – Network Virtualization).

• Advanced level experience in network security engineering.

• Proven experience managing complex firewall rule bases (10,000+ rules) across various platforms.

• Expertise in troubleshooting complex asymmetric routing issues and application-level latency in a multi-vendor setting.

🏝️ Benefits

• Health insurance

• 401(k) matching

• Flexible work hours

• Paid time off

• Professional development opportunities