Senior Network Security Engineer

Job Summary:

The Senior Network Security Engineer is responsible for designing, implementing, and maintaining complex network and security infrastructures across the organization. This role includes managing enterprise-level LAN, WAN, cloud, and data center networks to ensure high performance, availability, scalability, and security. The role also includes managing Cisco Voice solutions, wireless networks, MPLS configurations, SMS communication, and vendor relationships, with a focus on maintaining high availability, business continuity, and security.

The engineer will lead networking projects, troubleshoot network issues, and collaborate with cross-functional teams to ensure that the organization's network architecture supports business objectives. In this senior role, you will also oversee network operations, lead network automation initiatives, and work closely with vendors to deliver top-tier networking solutions.

Key Responsibilities:

• Network Security Design:

o Design, implement, and manage highly available and secure Local Area Network (LAN) and Wide Area Network (WAN) infrastructures.

• Design and implement robust network security solutions to protect against external and internal threats, including firewalls, VPNs, IDS/IPS, and endpoint security.

o Optimize network performance and security, including network segmentation, VLANs, SD-WAN solutions, and MPLS implementations.

o Oversee the design and management of remote site connectivity, including VPN, MPLS, and site-to-site links.

• Cisco Voice Systems: Oversee the implementation, configuration, and management of Cisco Voice infrastructure (e.g., Unified Communications Manager, IP telephony) to ensure secure and reliable voice communication across the organization.
• Cloud Networking (Azure & AWS): Manage the vendor to oversee the Design, implement, and secure networking components within Azure and AWS environments, including virtual networks (VNets/VPCs), subnets, VPN gateways, security groups, route tables, and load balancers.
• Azure Connectivity: Ensure secure and optimized connectivity between on-premises networks and Azure environments using Azure ExpressRoute, VPN Gateways, and other Azure networking services. Implement hybrid cloud models, ensuring proper routing, redundancy, and failover strategies.
• Disaster Recovery (DR) Planning and Execution:
• DR Strategy Development: Develop and maintain the organization’s disaster recovery (DR) strategy to ensure business continuity in the event of network outages, security incidents, or data center failures.
• DR Infrastructure: Design and implement disaster recovery infrastructure, including cloud-based DR solutions (e.g., Azure Site Recovery, AWS Disaster Recovery), focusing on backup systems and failover mechanisms.
• DR Testing and Automation: Conduct regular DR tests and automate recovery processes to validate the effectiveness of recovery strategies and ensure preparedness.
• Wireless Network Management: Oversee and secure wireless networks, including the design, configuration, and management of enterprise wireless LANs, ensuring they meet security and performance requirements.
• MPLS (Multi-Protocol Label Switching): Design, configure, and manage MPLS networks to ensure reliable, secure, and efficient data transmission between various sites. Collaborate with service providers to monitor and troubleshoot MPLS circuits.
• Troubleshooting Network Issues: Lead and perform advanced troubleshooting of network issues, including latency, connectivity problems, security breaches, wireless performance, MPLS routing, and voice communication failures.
• Cloud Security: Ensure the security of cloud-based infrastructure, implementing security controls specific to Azure and AWS environments, including encryption, IAM policies, and security monitoring.
• Security Policies and Compliance: Develop and enforce security policies, standards, and procedures. Ensure compliance with relevant regulations (e.g., PCI DSS, GDPR, HIPAA) across on-premises, cloud, wireless, MPLS, and SMS environments.
• Firewall and IDS/IPS Management: Configure, maintain, and monitor firewalls, intrusion detection/prevention systems, and other network security tools.
• Vendor Management: Coordinate and manage relationships with manage service providers, including negotiating service agreements, ensuring compliance with SLAs, and overseeing the integration and performance of vendor-provided network, security, and SMS services.
• Documentation: Maintain detailed documentation of network security configurations, incident response actions, disaster recovery plans, and vendor-related activities for on-premises, wireless, MPLS, cloud, and SMS environments.

Required Skills and Qualifications:

v Education: Bachelor’s degree in computer science, Information Technology, or a related field.

v Experience: 15+ years of experience in network security engineering, with a strong background in firewall management, network protocols, wireless networks, MPLS, disaster recovery, SMS communication security, and security architecture.

v Certifications:

o Cisco Certified Network Professional (CCNP) – Mandatory.

o Cisco Certified Network Professional (CCNP) Collaboration (for voice specialization) – Mandatory.

o Cisco Certified Network Professional (CCNP) Collaboration (for voice specialization) – Recommended.

o Any Network Security related certification – Mandatory.

o AWS Certified Solutions Architect – Professional – Recommended

o Microsoft Certified: Azure Solution Architect (for Azure connectivity expertise) – Recommended

v Technical Skills:

o Strong understanding of network protocols (TCP/IP, DNS, HTTP, etc.) and technologies (switches, routers, firewalls).

o Expertise in LAN and WAN design, network topology, and site-to-site connectivity solutions (including MPLS and SD-WAN).

o Experience with disaster recovery planning and execution, including the use of cloud-based DR tools such as Azure Site Recovery or AWS DR.

o Expertise in firewall technologies (e.g., Palo Alto, Cisco ASA, Fortinet).

o Proficiency with SIEM tools.

o Familiarity with encryption technologies and VPNs (IPsec, SSL).

o Strong hands-on experience with Azure and AWS networking services (VNets, VPCs, ExpressRoute, VPNs, Transit Gateway, Direct Connect, Route 53, Security Groups, Network ACLs, etc.).

o Experience with wireless network security and management (e.g., Cisco Wireless, ISE…).

o Strong knowledge of MPLS network configurations, troubleshooting, and vendor collaboration.

o Strong network troubleshooting skills, especially in identifying and resolving network, wireless, MPLS, and SMS-related communication issues, both in on-premises and cloud environments.

o In-depth knowledge of network hardware and software, including routers, switches, firewalls, and network operating systems.

o Knowledge of industry standards and regulations related to network security and data privacy, such as GDPR and HIPAA.

v Vendor Management:

o Ability to effectively manage and negotiate with third-party vendors and service providers, including SMS gateway providers.

o Experience managing contracts, ensuring compliance with service-level agreements (SLAs), and overseeing vendor performance.

v Soft Skills:

o Strong analytical and problem-solving skills.

o Ability to work under pressure during security incidents and disaster recovery situations.

o Excellent communication skills to convey complex security issues to non-technical stakeholders.

o Available to support after office hours in case of any P1 incidents.