Network Engineer

Key Responsibilities

• Design, deploy, and manage end-to-end security architectures, including network perimeter defenses, segmentation, intrusion prevention systems, and zero-trust access frameworks.
  
  
• Lead implementation and operationalization of Security Management Solutions, such as SIEM, NAC, Vulnerability Management Systems, and Network Access Controls.
  
  
• Manage and maintain secure configurations for routers, switches, firewalls, and network devices using Network Management Systems (NMS) and centralized policy enforcement.
  
  
• Perform real-time security monitoring, event correlation, and incident response, coordinating with the Security Operations Center (SOC) when required.
  
  
• Troubleshoot and resolve security-related issues in live network environments, including threat containment, malware isolation, and root cause analysis.
  
  
• Apply deep knowledge of security protocols and network-layer defense mechanisms, including IPSec, VPN, AAA, ACLs, and network segmentation techniques.
  
  
• Fulfill and track security service requests (e.g., access control changes, firewall rules, DNS security settings, IP whitelisting/blacklisting) through formal Change Management processes aligned with ITIL.
  
  
• Develop, update, and maintain security documentation, including network security diagrams, configuration baselines, risk registers, runbooks, and incident response plans.
  
  
• Manage patch management lifecycle for network infrastructure: assess vulnerabilities, prioritize, test, and deploy security patches and firmware updates in a controlled manner.
  
  
• Coordinate with vendors to address published security advisories, CVEs, and ensure timely mitigation across all impacted systems.
  
  
• Conduct security assessments, risk reviews, and internal audits to ensure compliance with ISO 27001, NIST, GDPR, or other regulatory frameworks.
  
  
• Work collaboratively with the IT, DevOps, and Cloud teams to implement secure networking practices across on-premises and cloud environments.
  
  
• Automate security tasks using scripting (Python, Bash, PowerShell) or configuration management tools (Ansible, Puppet, etc.) for scalable defense mechanisms.
  
  
• Perform other related tasks as assigned by the Institute or Security Leadership.
  
  

Required Qualifications and Experience

• Bachelor’s degree in Information Security, Computer Science, Information Technology, or related discipline.
  
  
• Minimum 5–8 years of relevant experience in network security engineering, security infrastructure management, or security operations roles.
  
  
• Strong technical knowledge in:
  • Network Security Protocols: IPSec, SSL/TLS, 802.1X, DNSSEC
  • Firewalls (e.g., Palo Alto, Fortinet, Cisco ASA), IDS/IPS, UTM
  • Authentication/Authorization: RADIUS, TACACS+, MFA
  • Routing and Switching Security: OSPF/BGP hardening, Layer 2 protections
• Experience managing enterprise-grade NMS/SIEM platforms (e.g., Splunk, QRadar, ArcSight, SolarWinds, Elastic SIEM).
  
  
• Strong background in vulnerability assessment, patch lifecycle management, and configuration hardening.