Senior/StaffNetworkSecurityEngineer

## In This Role, You Will... Design, implement, and maintain secure hybrid/multi-cloud network architectures (AWS/GCP, CloudWAN, SD-WAN); enforce zero-trust access controls and network segmentation across corporate, data center, lab, and edge environments; develop and maintain related policies, standards, and architecture diagrams Own and operate next-generation firewall platforms (Palo Alto Networks, Fortinet), managing policy architecture, segmentation, NAT, URL filtering, SSL/TLS decryption, and threat prevention tuning Architect, operate, and own the lifecycle of secure remote access solutions (VPN, ZTNA, GlobalProtect, site-to-site tunnels), ensuring high availability, certificate-based authentication, and integration with identity providers (SAML, Entra ID) Drive automation and Infrastructure-as-Code (IaC) using Terraform, Python, CI/CD, and REST APIs for configuration management, firewall policies, and security baselines; integrate LLM-based tools to streamline operational tasks and reduce manual toil Oversee security operations including 24/7 network security monitoring, traffic analysis, threat detection, vulnerability assessments, and remediation; support compliance requirements by conducting security reviews for new projects and infrastructure changes Lead 802.1X/certificate-based Network Access Control (NAC) initiatives across wired and wireless environments Define team roadmap, mentor engineers, and lead cross-functional security initiatives with Product Security, SRE, IT, and Software Engineering teams ## Qualifications Experience: 8+ years of network security engineering experience securing enterprise, cloud, and OT/lab environments Platform Expertise: Deep, hands-on expertise in next-gen firewalls (Palo Alto, Fortinet), AWS NFW, WAFs, IDS/IPS, NAC/802.1X, PKI, VPN, and ZTNA solutions (Zscaler, Prisma Access, or equivalent) Technical Knowledge: Strong understanding of core network protocols (TCP/IP, BGP, OSPF, VLAN, 802.1X, TLS/PKI) and cloud networki