RemoteLeaf Logo
Log in Sign up

Senior Network Security Engineer

6 days, 4 hours ago
United States
Full-time
Senior
Security Engineer
DevOps and Infrastructure
Agile Ansible AWS Azure CDN Cloudflare DHCP DNS Git JIRA Load Balancing PowerShell Python Scrum SIEM SOC TCP/IP Terraform TLS WAF
Apply Now
Ignite IT

Ignite IT

Ignite IT is a start-up company specializing in providing transformative digital solutions to large federal agencies and the private sector. They offer innovative IT services such as enterprise Agile Development & Delivery, business strategy and transf...

IT Services
11-50
View All Jobs 6

Description

  • Design, configure, administer, maintain, and troubleshoot enterprise firewall solutions on Cisco and Palo Alto platforms.
  • Manage firewall policy lifecycles, NAT, segmentation, high availability, logging, and secure configuration baselines.
  • Install, upgrade, and maintain firewall hardware and software in new and existing network infrastructure, including cloud-connected environments.
  • Perform recurring firewall rule reviews, recertification, cleanup, and decommissioning of obsolete rules.
  • Diagnose and resolve connectivity, routing, VPN, DNS, TLS/certificate, application flow, and performance issues using logs and packet analysis.
  • Install, configure, monitor, and troubleshoot remote access VPN, site-to-site VPN, and other secure connectivity services.
  • Operate and support RSA SecurID or equivalent MFA/token services, including server administration, token lifecycle management, and user support.
  • Administer edge security, content filtering, and network access control services, including Cloudflare-related controls and policy updates.
  • Implement and manage network security controls in AWS, Azure, and hybrid environments, including cloud firewalls, routing, DNS, monitoring, and logging.
  • Support incident response, troubleshooting, maintenance windows, vulnerability remediation, compliance evidence, and documentation across TCO-managed systems.

Requirements

  • 7+ years of experience in network security engineering, network infrastructure, cybersecurity infrastructure, or a closely related role.
  • 5+ years of hands-on experience designing, implementing, administering, and troubleshooting enterprise firewall platforms in production environments.
  • Hands-on experience with Cisco firewall technologies such as Cisco FTD/FMC, ASA, AnyConnect/Secure Client, or equivalent Cisco security platforms.
  • Hands-on experience with Palo Alto Networks technologies such as NGFW, Panorama, GlobalProtect, App-ID/User-ID, security profiles, and policy optimization.
  • Experience with firewall policy design, NAT, segmentation, remote access VPN, site-to-site VPN, IDS/IPS integrations, high availability, logging, and operational troubleshooting.
  • Working knowledge of Cloudflare or equivalent DNS, DDoS, WAF, CDN, Zero Trust, or edge security platforms.
  • Experience with VPN services, secure remote access, RSA SecurID or equivalent MFA/two-factor authentication services, hardware and software token support, directory integration, partner tunnels, cloud tunnels, and cloud connectivity troubleshooting.
  • Experience supporting MFA server operations, including updates, patching, certificate/configuration changes, backups, log review, monitoring, vulnerability remediation, and vendor escalation.
  • Working knowledge of TCP/IP, DNS, DHCP, IPAM, BGP, routing, subnetting, TLS/certificates, VPN protocols, packet capture, NetFlow/traffic analysis, and network diagnostic tools.
  • Experience supporting network security in AWS and/or Azure environments.
  • Experience integrating network security controls with enterprise monitoring, logging, SIEM, SOC/NOC, or incident response workflows.
  • Experience working within formal change management, configuration management, release management, incident management, and vulnerability remediation processes.
  • Ability to develop clear technical documentation, diagrams, SOPs, runbooks, implementation plans, rollback plans, status updates, and audit evidence.
  • Strong communication and collaboration skills for explaining technical risk, operational impact, and recommended actions to technical and non-technical stakeholders.
  • Ability to obtain and maintain a Public Trust / Background Investigation and complete required DOC/Census security processing, security/privacy training, and non-disclosure requirements.
  • Preferred: deep experience administering Cloudflare DNS, DDoS protection, WAF, CDN, Access, Gateway, Tunnel, Magic Transit, or Zero Trust services.
  • Preferred: experience with content filtering platforms, secure web gateways, email security gateways, URL filtering, DLP integrations, APT/malware defense integrations, and related cloud security services.
  • Preferred: deep experience with RSA SecurID/RSA Authentication Manager or equivalent MFA platforms, including token administration, upgrades, high availability, disaster recovery, reporting, and directory integration.
  • Preferred: experience with Network Access Control technologies such as Cisco ISE, 802.1X, endpoint posture, wireless/LAN access controls, and identity-aware policies.
  • Preferred: experience with AWS security and networking services such as VPC, Transit Gateway, Security Groups, NACLs, Route 53, Network Firewall, Direct Connect, VPN, GuardDuty, Security Hub, IAM, and CloudWatch.
  • Preferred: experience with Azure security and networking services such as VNets, NSGs, Azure Firewall, Application Gateway/WAF, VPN Gateway, ExpressRoute, Private Link, Defender for Cloud, Entra ID, and Azure Monitor.
  • Preferred: experience supporting federal cybersecurity and compliance requirements such as NIST, FISMA, FedRAMP, ATO support, POA&M remediation, continuous monitoring, audit evidence packages, and security control validation.
  • Preferred: experience with automation and IaC tools such as Terraform, Ansible, Python, PowerShell, Git, APIs, CI/CD pipelines, or vendor automation frameworks.
  • Preferred: experience with Zero Trust architecture, SASE/SSE, ZTNA, secure segmentation, policy-as-code, microsegmentation, or identity-aware network access.
  • Preferred: familiarity with F5/load-balancing/application-delivery concepts for cross-team coordination.
  • Preferred: experience leading technical projects, coordinating across matrixed teams, mentoring junior engineers, and supporting Agile/Scrum or JIRA-based task tracking.
  • Preferred: relevant certifications such as CCNP Security, CCIE Security, PCNSE, PCCSE, CISSP, CCSP, AWS Certified Security - Specialty, AWS Advanced Networking - Specialty, Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Azure Network Engineer Associate, CompTIA Security+, CompTIA CySA+, GIAC certifications, or equivalent vendor/cloud certifications.

Benefits

  • 401(k) with 401(k) matching.
  • Health, dental, and vision insurance.
  • Flexible schedule.
  • Flexible spending account and health savings account options.
  • Life insurance.
  • Paid time off.
  • Professional development assistance.
  • Tuition reimbursement and retirement plan.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

The Missing Link

Saviynt IAM Specialist

The Missing Link 51-250 Internet Software & Services

The Missing Link is seeking a Security Engineer - Saviynt to support large enterprise identity governance initiatives, design and deliver Saviynt-based solutions, and strengthen its growing cyber security practice.

India Full-time Mid Level Security Engineer
Active Directory Azure Cybersecurity JavaScript PowerShell REST API SAP SQL
3 hours, 33 minutes ago
EnableComp

AI Security Architect (REMOTE - United States)

EnableComp 251-1K Insurance

EnableComp is seeking a remote AI Security Architect to secure and govern its AI and machine learning initiatives within its healthcare revenue cycle management environment.

United States Full-time Senior AI Engineer Security Engineer
Azure Cybersecurity HIPAA LLM Machine Learning
3 hours, 48 minutes ago
Dropbox

Senior Infrastructure Security Engineer

Dropbox 1K-5K Internet Software & Services

Dropbox is hiring a Security Engineer to secure its AI and agentic infrastructure while helping protect products and users across cloud and on-prem environments.

Canada Full-time Lead Infrastructure Engineer Security Engineer
$152k-$206k
Bash CI/CD CrowdStrike Go Java Kubernetes Linux LLM Node.js OAuth OpenID Connect OWASP Python Ruby Rust SIEM
3 hours, 48 minutes ago
Fullscript

Staff, Security Engineer

Fullscript 251-1K Health Care Providers & Services

Fullscript is hiring a Staff Security Engineer to lead hands-on security engineering across its healthcare technology platform, shaping secure product development and protecting systems that support practitioners and patients.

United States Canada Full-time Lead Security Engineer
AWS GitHub GitLab GraphQL JavaScript Node.js Penetration Testing Ruby on Rails
4 hours, 18 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers