NETWORK SECURITY ENGINEER

Orange, CA - USA

Monthly Salary: Not Disclosed

Posted on: 5 hours ago

Vacancies: 1 Vacancy

Job Summary

Job Summary

We are seeking a highly skilled Senior Network Security Engineer to join our team and play a key role in securing optimizing and transforming our enterprise network infrastructure. The ideal candidate will have deep expertise in firewall security NAT IPSEC SD-WAN routing protocols (EIGRP BGP OSPF) and cloud security solutions. This position will focus on managing and enhancing our security infrastructure which includes:

Cisco ASA Checkpoint Fortinet FortiGate Palo Alto Firewalls.
Radware for DDoS protection.
Zscaler ZIA/ZPA for cloud security.
SD-WAN for optimized global connectivity.
EIGRP BGP and OSPF-based network routing.
NAT policy design and implementation

A key initiative for this role is leading the migration from Checkpoint to Fortinet firewalls while ensuring seamless network security operations. Additionally the engineer will support and enhance our SD-WAN deployment for optimized global connectivity and application performance.

Key Responsibilities

Lead the migration from Checkpoint to Fortinet including policy conversion rule optimization and traffic validation.
Manage and maintain Cisco ASA Palo Alto Fortinet and Checkpoint firewalls across corporate cloud and remote sites.
Design and optimize firewall rule sets for improved security performance and compliance.
Perform risk assessments and firewall audits to ensure network security best practices.
Manage and optimize SD-WAN architecture to improve application performance and reduce latency.
Implement policy-based traffic steering failover mechanisms and WAN optimization.
Ensure seamless integration between SD-WAN firewalls cloud security solutions and on-prem networks.
Troubleshoot SD-WAN performance issues routing conflicts and connectivity problems.
Work with network and security engineers to ensure secure connectivity between on-premises branch locations and cloud.
Design and implement NAT policies including static NAT dynamic NAT and PAT (Port Address Translation).
Configure and troubleshoot EIGRP BGP and OSPF for enterprise and cloud routing.
Optimize routing policies to ensure high availability redundancy and performance.
Work closely with the network engineering team to enhance SD-WAN inter-site and cloud connectivity.
Administer and optimize Zscaler ZIA/ZPA solutions for secure cloud access and web filtering.
Implement zero-trust security policies for cloud applications and remote users.
Troubleshoot Zscaler tunnels proxy configurations and application access issues.
Implement and maintain Radware DDoS protection to safeguard network infrastructure from volumetric and application-layer attacks.
Configure IPS/IDS solutions to detect and mitigate security threats.
Work with SOC teams to analyze and respond to security incidents.
Lead firewall SD-WAN NAT and routing issue troubleshooting affecting business-critical applications.
Perform packet capture analysis and use security logs to diagnose network issues.
Work with vendors (Cisco Fortinet Palo Alto Zscaler) to resolve complex technical issues.
Develop and enforce firewall and network security policies in compliance with NIST CIS benchmarks and ISO 27001 standards.
Conduct regular security audits and risk assessments.
Maintain up-to-date documentation of firewall rules SD-WAN policies and security configurations.
Develop scripts (Python Bash PowerShell) for automating firewall audits and SD-WAN policy updates.
Optimize firewall and SD-WAN policies to reduce latency and improve efficiency.
Implement network automation frameworks to streamline security operations.

Required Skills & Experience

5-8 years of experience in network security engineering.
Expertise in Fortinet FortiGate Checkpoint Palo Alto and Cisco ASA firewalls.
Strong knowledge of SD-WAN solutions (Fortinet SD-WAN Cisco SD-WAN Prisma Access).
Experience configuring and troubleshooting EIGRP BGP and OSPF routing protocols.
Hands-on experience managing Zscaler ZIA/ZPA for cloud security.
Proficiency in VPN technologies (IPSec SSL GRE DMVPN L2TP) and their security implications.
Strong skills in NAT firewall rule optimization and routing table analysis.
Experience with Radware DDoS protection IPS/IDS and threat mitigation.
Knowledge of zero-trust security architectures and secure SD-WAN implementation.
Strong analytical skills for troubleshooting network security issues including packet captures and firewall logs.

Preferred Qualifications

Certifications: Fortinet NSE 4/7 Checkpoint CCSA/CCSE Palo Alto PCNSA/PCNSE Cisco CCNP Security Zscaler ZCCP SD-WAN certifications.
Experience with AWS Azure and GCP cloud security best practices.
Familiarity with SIEM solutions for security event monitoring.
Experience automating security tasks using Python Ansible or Terraform

Job Summary We are seeking a highly skilled Senior Network Security Engineer to join our team and play a key role in securing optimizing and transforming our enterprise network infrastructure. The ideal candidate will have deep expertise in firewall security NAT IPSEC SD-WAN routing protocols (EI...

Job Summary

Cisco ASA Checkpoint Fortinet FortiGate Palo Alto Firewalls.
Radware for DDoS protection.
Zscaler ZIA/ZPA for cloud security.
SD-WAN for optimized global connectivity.
EIGRP BGP and OSPF-based network routing.
NAT policy design and implementation

Lead the migration from Checkpoint to Fortinet including policy conversion rule optimization and traffic validation.
Manage and maintain Cisco ASA Palo Alto Fortinet and Checkpoint firewalls across corporate cloud and remote sites.
Design and optimize firewall rule sets for improved security performance and compliance.
Perform risk assessments and firewall audits to ensure network security best practices.
Manage and optimize SD-WAN architecture to improve application performance and reduce latency.
Implement policy-based traffic steering failover mechanisms and WAN optimization.
Ensure seamless integration between SD-WAN firewalls cloud security solutions and on-prem networks.
Troubleshoot SD-WAN performance issues routing conflicts and connectivity problems.
Work with network and security engineers to ensure secure connectivity between on-premises branch locations and cloud.
Design and implement NAT policies including static NAT dynamic NAT and PAT (Port Address Translation).
Configure and troubleshoot EIGRP BGP and OSPF for enterprise and cloud routing.
Optimize routing policies to ensure high availability redundancy and performance.
Work closely with the network engineering team to enhance SD-WAN inter-site and cloud connectivity.
Administer and optimize Zscaler ZIA/ZPA solutions for secure cloud access and web filtering.
Implement zero-trust security policies for cloud applications and remote users.
Troubleshoot Zscaler tunnels proxy configurations and application access issues.
Implement and maintain Radware DDoS protection to safeguard network infrastructure from volumetric and application-layer attacks.
Configure IPS/IDS solutions to detect and mitigate security threats.
Work with SOC teams to analyze and respond to security incidents.
Lead firewall SD-WAN NAT and routing issue troubleshooting affecting business-critical applications.
Perform packet capture analysis and use security logs to diagnose network issues.
Work with vendors (Cisco Fortinet Palo Alto Zscaler) to resolve complex technical issues.
Develop and enforce firewall and network security policies in compliance with NIST CIS benchmarks and ISO 27001 standards.
Conduct regular security audits and risk assessments.
Maintain up-to-date documentation of firewall rules SD-WAN policies and security configurations.
Develop scripts (Python Bash PowerShell) for automating firewall audits and SD-WAN policy updates.
Optimize firewall and SD-WAN policies to reduce latency and improve efficiency.
Implement network automation frameworks to streamline security operations.

Required Skills & Experience

5-8 years of experience in network security engineering.
Expertise in Fortinet FortiGate Checkpoint Palo Alto and Cisco ASA firewalls.
Strong knowledge of SD-WAN solutions (Fortinet SD-WAN Cisco SD-WAN Prisma Access).
Experience configuring and troubleshooting EIGRP BGP and OSPF routing protocols.
Hands-on experience managing Zscaler ZIA/ZPA for cloud security.
Proficiency in VPN technologies (IPSec SSL GRE DMVPN L2TP) and their security implications.
Strong skills in NAT firewall rule optimization and routing table analysis.
Experience with Radware DDoS protection IPS/IDS and threat mitigation.
Knowledge of zero-trust security architectures and secure SD-WAN implementation.
Strong analytical skills for troubleshooting network security issues including packet captures and firewall logs.

Preferred Qualifications

Certifications: Fortinet NSE 4/7 Checkpoint CCSA/CCSE Palo Alto PCNSA/PCNSE Cisco CCNP Security Zscaler ZCCP SD-WAN certifications.
Experience with AWS Azure and GCP cloud security best practices.
Familiarity with SIEM solutions for security event monitoring.
Experience automating security tasks using Python Ansible or Terraform