Senior Network Security Engineer

Network Security II Engineer III

Job Title: Network Security Engineer II
Location:  Onsite

 

Role Summary

We’re seeking a Senior Network Security Engineer to enhance our global security posture, focusing mainly on Palo Alto, Zscaler, WAF, IoT/OT security, and zero-trust architecture. You will design and deploy network security controls across standalone and hybrid environments, safeguard critical web applications with WAF, implement IoT/OT security measures in a manufacturing setting, and lead teams in developing secure, scalable solutions within an agile framework.

 

Key Responsibilities

• Design and implement network security architectures using Palo Alto Next-Generation Firewalls (NGFWs) and Zscaler (ZIA/ZPA) across on-premises, cloud, and remote settings. 
• Lead the development and enforcement of zero-trust principles, including identity-aware policies, network segmentation, and least-privilege access. 
• Configure and maintain Palo Alto firewalls and Panorama, managing policies, NAT, VPNs, SSL decryption, GlobalProtect, and logging functionalities. 
• Deploy and oversee Zscaler services, integrating traffic forwarding methods, security policies, and identity provider (IdP) connections. 
• Design, implement, and fine-tune Web Application Firewalls (WAF) to safeguard against the OWASP Top 10 threats and sophisticated web-based attacks. 
• Develop and enforce IoT and operational technology (OT) security controls tailored for manufacturing plants. 
• Resolve complex network security issues and monitor security controls and applications through log analysis, packet captures, and traffic flow examination. 
• Utilize your expertise in switching and routing, including VLANs, BGP, and OSPF, to ensure secure and reliable connectivity. 
• Work collaboratively with agile teams, contributing to sprint planning, refining user stories, and iteratively delivering security features. 
• Follow change control processes that involve conducting risk assessments, documenting changes, and validating implementation post-execution. 
• Create clear technical documentation, set standards and runbooks, and provide mentorship to junior engineers as needed. 

 

 

 

 

 

Required Qualifications 

A Bachelor of Science degree in Information Technology, Cybersecurity, Computer Science, or a closely related field.

Experience & Skills 

• Extensive hands-on experience (ideally 5+ years) in network security engineering within medium to large organizations. 
• Proven expertise in managing Palo Alto firewalls, preferably using Panorama in a production environment. 
• Practical experience in deploying and managing Zscaler solutions (ZIA/ZPA/ZDX or similar). 
• A deep understanding of zero-trust principles and how to apply them effectively in real-world scenarios. 
• Solid background in architecting, implementing, and troubleshooting Web Application Firewalls (WAF). 
• Demonstrated proficiency in designing and deploying security frameworks for Internet of Things (IoT) and Operational Technology (OT) environments.
• Strong knowledge of network switching and routing, covering Layer 2/Layer 3 fundamentals, along with experience in at least one major routing protocol. 
• Comfortable working in an agile project management environment Scrum preferred. 
• Excellent troubleshooting skills coupled with strong communication and documentation capabilities.

Certifications 

At least one of the following certifications is required: 

• PCNSE, PCNSA, ZDTA, ZDTE, or ZDXA 
• CCNA 
• CISSP 

Nice to Have

• Experience with major cloud platforms like AWS, Azure, or GCP. 
• Familiarity with SIEM/SOAR integrations and analysis. 

 

Experience Level

Mid Level