Network Security Engineer

About the job
Network Security:

Choice 1 and 2

Mandatory skill set: Choice 1 – Firewall – Checkpoint

Web-security- Zscaler (ZIA & ZPA)

NAC – Aruba Clearpass

Mandatory skill set: Choice 2 – Firewall – Checkpoint

Web-security- Zscaler (ZIA & ZPA)

WAF – Cloudflare

Hybrid – 3 days – Mississauga

Job Description – Network Security (L3)

Responsibilities

Manage day-to-day Operations according to customer environment

Organizational Functions:

§ Develop and implement network security architecture, policies, and procedures to protect against threats.

§ Should be able to provide L3 level support on critical/Outage situation and drive end to end until the resolution.

§ Good understanding of network protocols (HTTP, HTTPS, DNS, TCP/IP).

§ Should have Strong expertise in:

o Implementing and maintaining Checkpoint firewall and associated software module (VPN, URL Filtering, IPS etc.) infrastructure.

o Should have good working experience on checkpoint VPN (S2S & Remote access).

o Deep understanding of Cloudflare content delivery network (CDN) and security solutions, including web application firewalls (WAF), bot management, and DDoS protection.

o Deep understanding of RADIUS, TACACS+, 802.1X, EAP methods, and networking protocols.

o Installation and configuration of ClearPass Policy Manager (CPPM), including profiling, onboarding, and guest services.

o Resolve complex authentication failures, latency issues, and TACACS+ service issues.

o Proficiency with Zscaler tools (ZIA, ZPA, ZDX), packet capture analysis, and scripting languages (Python, PowerShell) for automation.

o Design, implement, and tune ZIA/ZPA policies for roaming, branch, and third-party users, utilizing Zscaler’s cloud security concepts.

o Resolve complex L2/L3 issues related to user connectivity, authentication (SAML, SCIM, Azure AD), and access flows.

o Deep understanding of Zero Trust Network Access (ZTNA), Firewalls, and IPSec/SSL VPNs.

o Experience on maintaining any email security gateway platforms to optimize filtering.

o Experience on Investigation, quarantine, and remediation of malicious, suspicious, or spoofed emails.

o Design, build, and maintain scalable infrastructure to analyze email patterns and detect anomalies in real-time with the help of Abnormal AI tool.

§ Create and maintain comprehensive documentation related to network security infrastructure and procedures following the NIST and CIS standards.

§ Identify the in-efficiencies in the operations and identify potential solutions to improve efficiency.

§ Own and drive improvements in the areas of Operations, technology, Advisory and customer satisfaction.

§ Stay up to date on emerging security threats, technologies, and industry trends.

§ Manage and mentor a team of network security engineers and analysts.

§ One should identify possible automation capabilities, their execution

§ within the network security products and process and deliver across multiple customer environments.

§ Should be cross-skilled across multiple technologies covering products like Firewalls, Web-Proxies, as well as cloud security products (AWS, Azure, GCP etc.)

§ Should prepare weekly and monthly performance reports across multiple customer environments (people, technologies, Process Gaps, Risk, RAG status etc.)

§ Should be able to conduct internal training to address the skill gap as well as motivate the team to do technical certifications.

Core Functions:

§ Focus on technologies and bring automation capabilities.

§ Regular reporting on the state of the customer delivery.

§ Maintain KPIs for the teams and report on Service Improvement Areas to senior management

§ Identify risks and maintain compliance with submission of client-facing reports.

§ Focus on industry-based practices and configuration and guide the team to follow the same.

Individual Performance Measurement Criteria –

Bring quality in service delivery and work on cross killing people to increase productivity.

Quality and effectiveness in communications and engagement with stakeholders.

Low / Zero Escalation from the customers

Driving Innovation to improve Service standards & Quality.

Technical Skills

Proficiency Level

Understanding of the different security technologies, Experience in deploying, configuring and troubleshooting of

1. Firewalls (Checkpoint)

2. NAC – Aruba Clearpass

3. Web application Firewall – Cloudflare

4. Web-Proxy -Zscaler (ZIA/ZPA/ZDX)

5. Email Security – Abnormal AI

6. Load balancer – F5 BIG-IP

Ø Experience in different Information Security Processes.

1. Security Change Management

2. Rule Base Reviews & Optimization

3. Security Incident Management (Standard & Critical)

Understanding of different Security Architectures.

Communication and Organizational skills • Good command of the English language, with excellent written and verbal skills.

• Proactive in communication and appropriate selection of audience according to topic.

• Highly organized and capable of tracking a variety of tasks to closure.

• Good time management principles and effective in prioritizing workloads.

Cultural Requirements • Works collaboratively with other teams and builds positive working relationships

• Able to learn quickly and apply common sense to new situations, but understand when it is appropriate to engage others for advice

Open and transparent style and approach when working with others

Places a significant level of importance on personal & team development and understanding then improving upon weakness

Accepting feedback from managers, peers, and clients regarding work performance

Utilizes a goal-oriented approach, which drives self-improvement both personally and professionally and drives the teams.

Takes the initiative to work on tasks outside of his or her immediate scope of responsibility and encourages others to do so.

Experience Required Minimum overall experience of 8-12 years

– Minimum of 8 years’ experience in Information Security

– Minimum of 6 years’ experience in running a Security Operations Center for a large organization.

Certifications Required Industry-recognized certifications such as CCSA/CCSE, CCIE, or equivalent is highly desirable.

Education Qualifications Preferably Graduate with Science/Eng

“We are an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.”