We are seeking a highly skilled Network Engineer with a strong specialization in firewall administration and cloud security to join our dynamic SRE team. The Network Engineer will play a pivotal role in designing, implementing, and maintaining our network security infrastructure, ensuring the protection of our cloud environments and on-premises networks. This role requires expertise in firewall technologies, network security best practices, cloud security principles, and the ability to collaborate with cross-functional teams to safeguard our organization's digital assets.Key Duties & Responsibilities (in decreasing Critical Emphasis order)1•Firewall Administration: oFirewall Configuration: Configure, manage, and maintain firewall devices (Vyatta, Fortinet Fortigate) for on-premises and cloud environments.oSecurity Policy Enforcement: Implement and enforce firewall policies to protect against unauthorized access and malicious attacks.oLog Monitoring and Analysis: Monitor firewall logs for security incidents and respond promptly to mitigate threats.2•Network Security: oSecurity Assessments: Conduct regular security assessments and vulnerability scans to identify and address potential security risks.oIncident Response: Participate in incident response activities, investigate security breaches, and coordinate remediation efforts.oSecurity Awareness: Promote security awareness within the organization and provide training to team members.3•Cloud Security:oCloud Security Architecture: Design, implement, and manage cloud security architectures for AWS and GCP environments, including VPCs, security groups, IAM roles, and access controls.oCloud Security Services: Leverage cloud-native security services (e.g., WAF, IDS, IPS, SIEM) to protect cloud resources and detect threats.oCloud Security Best Practices: Adhere to cloud security best practices and compliance frameworks (e.g., CIS, NIST, ISO 27001).4•Network Infrastructure:oCollaborate with network architects to design and implement network security solutions that meet the organization's needs.oTroubleshoot and resolve network connectivity issues, ensuring minimal downtime and optimal performance.oNetwork Troubleshooting: Diagnose and resolve network issues, including connectivity problems, latency, and packet loss. Collaborate with Support teams to investigate and resolve network-related incidents.4•Network Optimization:oContinuously monitor network performance, identify bottlenecks, and optimize network configurations for efficiency and reliability.oCapacity Planning: oMonitor network traffic and usage patterns to identify and address capacity and performance bottlenecks.oImplement network monitoring tools to proactively identify issues and generate alerts.oRespond to network alerts and incidents in a timely manner.oPlan and execute network capacity upgrades as needed.5•Documentation:oMaintain detailed documentation of firewall configurations, network diagrams, and security policies.oCreate and update network documentation to ensure accuracy and consistency.6•Incident Response:oParticipate in incident response activities, investigate security incidents, and coordinate efforts to contain and remediate security breaches.7•Collaboration and Training:oCollaborate with other SRE and IT teams to implement security best practices across the organization.oProvide training and guidance to junior team members on network security and firewall administration.Qualifications/Skills/AbilitiesMinimum RequirementsFormal EducationoBachelor’s degree in computer science, Information Technology, or a related field (or equivalent experience).Experience (type & duration)o5+ years of proven experience as a Network Engineer with a strong focus on firewall administration.oTelecom domain experience is good to have.SkillsoIn-depth knowledge of firewall technologies, including but not limited to Cisco ASA, Palo Alto, and Fortinet.oFamiliarity with intrusion detection and prevention systems (IDPS) and security information and event management (SIEM) tools.oFamiliarity with cloud security concepts and technologies (AWS, GCP).oStrong understanding of network protocols, routing, and switching.oVyatta router config good to haveoWorking knowledge of vmware Accreditation/certifications/licensesoCCNA / CCNP mandatory.oCertified Information Systems Security Professional (CISSP) or network certification, CCNP, CompTIA network+, etc is a plus.oPreferred: Experience with cloud security certifications (AWS Certified Security - Specialty, GCP Certified Professional Cloud Security Engineer).Knowledge of scripting languages (e.g., Python, Bash) for automation.Experience with network automation tools.