Network Security Lead

Denver, CO - USA

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

MatchPoint Solutions is a fast-growing young energetic global IT-Engineering services company with clients across the US. We provide technology solutions to various clients like Uber Robinhood Netflix Airbnb Google Sephora and more! More recently we have expanded to working internationally in Canada China Ireland UK Brazil and India. Through our culture of innovation we inspire build and deliver business results from idea to outcome. We keep our clients on the cutting edge of the latest technologies and provide solutions by using industry-specific best practices and expertise.

We are excited to be continuously expanding our team. If you are interested in this position please send over your updated resume. We look forward to hearing from you!

Job Title: Network Security Lead

Location: Hybrid: must be located in Denver CO or Rancho Cordova/Sacramento CA

Duration: 12-month contract-to-hire

Rate: $55/hr on W2

GENERAL SUMMARY

The Network Security Lead is responsible for designing implementing and governing CLIENTs global network security architecture across data centers labs offices and cloud environments. This role combines deep engineering expertise with strategic leadership driving architecture automation and operational excellence across CLIENTs hybrid infrastructure.

The Network Security Lead will own the architecture and evolution of all network security domains - including core and lab networks firewalls on-premise proxies and cloud connectivity - while leading and managing the Managed Service Provider (MSP) responsible for daily engineering administration and network analysis.

This role emphasizes AI-driven automation leveraging machine learning and analytics to reduce manual effort and accelerate detection response and configuration management across the enterprise.

ESSENTIAL DUTIES & RESPONSIBILITIES

Architectural Leadership and maintain CLIENTs global network security architecture spanning: Core corporate and data center networks

Network segmentation and lab firewalls
Proxies and remote access gateways
Security architecture (Azure AWS GCP) including hub-spoke and zero-trust models -Develop secure reference architectures for Prisma Access SD-WAN NGFW Infoblox DNS/DHCP and VPN platforms.

Operational Oversight and Vendor Management

-Lead and manage the Managed Service Provider (MSP) responsible for L2/L3 network security engineering administration and monitoring.

-Oversee incident response coordination for network-related security events and P1/P2 outages.

Automation and AI Integration

-Implement AI and machine learning technologies to automate network telemetry analysis anomaly detection and response workflows. .

Engineering and Governance

-Develop and enforce network security policies and standards integrating with enterprise GRC systems.

-Conduct security architecture reviews for new projects and cloud integrations.

Compliance and Audit Coordination:

-Coordinate with audit/compliance teams to supply detailed technical evidence collect logs/reports and document SOP compliance for both internal and external audit requirements.

-Facilitate audit comment tracking and support periodic access verification activities as per SOP guidance.

Platform & Product Expertise:

-Maintain expertise in CLIENT-specific network security platforms (e.g. Panorama NP Extranet aiSSD) browser integrations and licensing schemes supporting operational SOPs and driving troubleshooting and integration improvements.

Incident Response & Troubleshooting:

-Own and participate in root cause analysis session table clearances and non-functional error remediation demonstrating thorough knowledge of day-to-day troubleshooting SOPs.

REQUIRED QUALIFICATIONS

Knowledge Skills & Abilities

Expertise in network and security architecture design including: NGFWs VPNs SD-WAN (Prisma Access) segmentation proxies and hybrid connectivity
Network automation frameworks (Ansible Terraform Python)
Routing and switching protocols: BGP OSPF EIGRP VXLAN MPLS
DNS/DHCP/IPAM (Infoblox) SSL/TLS PKI SSO/SAML/OAuth
Cloud networking (Azure AWS GCP) - transit gateways VPC/VNet security groups private endpoints
Deep understanding of Zero Trust Network Architecture (ZTNA) and Secure Access Service Edge (SASE) models.
Strong vendor management and contract governance experience with Managed Service Providers.
Experience applying AI and automation in operational network management security analytics and policy optimization.
Excellent communication and leadership skills to translate technical strategy into business impact.

Education and Certifications

Bachelors or Masters degree in Computer Science Computer Engineering or related technical discipline.
8 years of experience in network security infrastructure engineering or equivalent field.
3 years of experience in architecture-level leadership or MSP oversight.
Preferred certifications:
Cisco CCNP/CCIE Security
Palo Alto PCNSE
AWS Certified Advanced Networking or Azure Network Engineer Associate
CISSP or equivalent cybersecurity certification

MatchPoint Solutions provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race color religion age sex national origin disability status genetics protected veteran status sexual orientation gender identity or expression or any other characteristic protected by federal state or local laws.

This policy applies to all terms and conditions of employment including recruiting hiring placement promotion termination layoff recall transfer leaves of absence compensation and training.