Network Security Engineer

Position OverviewWe are looking for a skilled Network Security Engineer to support enterprise network infrastructure initiatives focused on secure, scalable, and high-availability systems. The engineer will play a vital role in the planning, design, deployment, and management of secure networking solutions across systems. This role requires a deep understanding of network security principles, modern tools, and enterprise environments, along with a proactive and collaborative approach to problem-solving and project execution.ResponsibilitiesContribute to the architecture and deployment of robust and secure network systems aligned with enterprise requirements.Manage hands-on implementations of next-gen firewall technologies and secure connectivity solutions.Lead or participate in transitioning legacy systems to contemporary platforms using Palo Alto, Cisco, and other security tools.Deliver ongoing security assessments and performance reviews for data communication networks.Generate technical documentation, including network diagrams, implementation plans, and status updates.Support end-user issue resolution in coordination with other IT teams and maintain regular communication on project status.Coordinate and conduct weekly status meetings, prepare reports, and track milestones.Required QualificationsAssociate degree in a relevant IT discipline.Active certifications in:Palo Alto Networks Certified Network Security Engineer (PCNSE)Cisco Certified Network Professional (CCNP) – Enterprise or SecurityPreferred QualificationsBachelor's degree in Information Technology or a related field.At least 10 years of hands-on experience in IT networking and cybersecurity across CONUS.Additional certifications highly desired:Prisma Certified Cloud Security Engineer (PCCSE)Cisco Certified Internetwork Expert (CCIE) – Enterprise Infrastructure or SecurityTechnical Skills & ExperienceExtensive experience with:Palo Alto Networks (firewalls, content filtering, DLP, VPNs, IDS/IPS, SSL/TLS inspection)Cisco switching, routing, wireless infrastructureA10 load balancers and reverse proxiesCisco ISE, Free Radius, and ACLsFamiliarity with:MFA and 802.1x authenticationCloud-based security and networking modelsEIGRP, OSPF, BGP routing protocolsPKI, certificate managementNessus, NMAP, Wireshark for vulnerability and protocol analysisPanorama, SolarWinds for centralized managementDemonstrated ability to:Mentor junior engineers and work independentlyCreate technical documentation and deliver professional presentationsWork Schedule and ConditionsHybrid work model:3 days onsite at Annapolis location2 days remote (subject to performance and approval)Standard hours: Monday–Friday, 8:00 AM–4:30 PM ESTMust be available for on-site support within 4 hours if neededOccasional extended hours, weekends, or holidays may be required #J-18808-Ljbffr

Created: 2025-09-21