Job Description

: B2. Primary Roles & Responsibilities: * Network Security Architecture & Design:

• Lead the design, implementation, and optimization of robust, scalable, and secure network architectures for enterprise and data center environments.
• Develop and maintain network security policies, standards, and procedures in alignment with industry best practices and compliance requirements.
• Conduct security assessments and vulnerability analyses of existing network infrastructure, recommending and implementing remediation strategies.
• Operations & Troubleshooting:

• Provide expert-level operational support and troubleshooting for complex network security issues, ensuring minimal downtime and business continuity.
• Manage and maintain various network security devices and platforms including, but not limited to, Firewalls (Next-Gen and traditional), Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF), VPN gateways, Load Balancers, and Network Access Control (NAC) solutions.
• Monitor network security performance, health, and capacity, implementing proactive measures to prevent issues.
• Customer Relationship Management:

• Serve as a primary technical point of contact for key customers, understanding their unique security needs and translating them into technical solutions.
• Team Leadership & Mentorship:

• Lead and mentor a team of network engineers, fostering skill development, knowledge sharing, and adherence to best practices.
• Participate in the recruitment and training of new team members.
• Project Management & Delivery:

• Lead and execute network security projects from inception to completion, ensuring timely delivery within scope and budget.
• Innovation & Continuous Improvement:

• Stay abreast of the latest trends, threats, and advancements in network security technologies and methodologies.
• Drive continuous improvement initiatives within the network security domain.

B3. Expected Experience and Expertise

• 12+ years of hands-on experience in designing, implementing, and managing complex network security solutions in enterprise-level environments.
• Deep expertise in various firewall technologies (Palo Alto, Fortinet, Cisco, Check Point), including policy management, VPN configuration, advanced threat prevention features (IPS, URL Filtering, WildFire/Sandbox, AV).
• Strong understanding and experience with Intrusion Prevention Systems (IPS) and their deployment and tuning.
• Proficiency with VPN technologies (IPSec, SSL VPN) for site-to-site and remote access connectivity.
• Hands-on experience with Load Balancers (e.g., F5 BIG-IP LTM/ASM, NetScaler) and Web Application Firewalls (WAFs).
• Experience with Network Access Control (NAC) solutions (e.g., Cisco ISE, Aruba ClearPass).
• Solid understanding of routing and switching protocols (OSPF, BGP, EIGRP, VLANs, STP, etc.) and their security implications.
• Experience with DDoS mitigation techniques and solutions.
• Working knowledge of cloud security principles and experience with security controls in AWS, Azure, or GCP.

B4. Certifications
Nice-to-Have

• Palo Alto Networks Certified Network Security Engineer (PCNSE): Essential for hands-on expertise with Palo Alto Networks Next-Generation Firewalls, a widely used platform.
• Fortinet Certified Network Security Expert (FCX / NSE 8) OR Fortinet Certified Network Security Professional (NSE 7): Demonstrates expert-level proficiency with Fortinet security products, particularly FortiGate firewalls and the Fortinet Security Fabric.
• Check Point Certified Security Master (CCSM) OR Check Point Certified Security Expert (CCSE): Indicates high-level proficiency with Check Point security solutions.

B5. Leadership skills * Team player

• Able to lead a team