Builds AI‑powered robots and digital platforms to automate construction and operations of utility‑scale solar farms.
16 hours ago
$120,000 - $140,000
Junior (1-3 years), Intermediate (4-7 years), Experienced (8-12 years)
Full Time
United States
Onsite
Company Size
150 Employees
Service Specialisms
Sector Specialisms
The Network Security Engineer is responsible for designing, implementing, and maintaining secure network infrastructures that protect the organization's data, applications, and services. This role involves developing and enforcing security policies, monitoring for threats, responding to incidents, and ensuring compliance with industry standards and regulatory requirements. The engineer will work closely with IT, cloud, and cybersecurity teams to enhance the company’s security posture and provide strategic input on emerging threats and technologies.
The engineer architects, deploys, and maintains security infrastructure such as firewalls, VPNs, IDS/IPS, NAC, and segmentation technologies, designs secure network topologies including DMZs, Zero‑Trust zones, and micro‑segmentation, implements security features on enterprise switches, routers, and wireless solutions, and evaluates new technologies to recommend improvements.
They manage next‑generation firewalls (e.g., Palo Alto, Cisco Firepower, FortiGate, Check Point), configure rule sets, security profiles, threat prevention, URL filtering, SSL decryption, and VPN tunnels, maintain site‑to‑site and remote‑access VPNs with IKEv1/v2, IPsec, SSL, and failover, and conduct regular firewall audits, clean‑ups, and policy optimizations.
The role monitors network and security logs using SIEM/SOAR tools such as Splunk, Sentinel, and Cortex XSIAM, identifies, investigates, and responds to security incidents and anomalous traffic, participates in root‑cause analysis and mitigation strategy development, and supports threat hunting and continuous security improvement initiatives.
The engineer performs vulnerability assessments for network devices and applications, coordinates patching cycles with IT and operations teams, documents and tracks remediation efforts while validating fixes, and conducts security risk assessments on new technologies, vendors, or network changes.
They develop and maintain security policies, standards, and procedures, ensure compliance with regulatory frameworks like NIST, ISO 27001, CIS, PCI‑DSS, NERC‑CIP, and IEC‑62443, maintain detailed network documentation including diagrams, configurations, inventories, and baselines, and follow proper change management, rule review, and peer approval processes.
Preferred responsibilities include supporting Checkpoint Harmony or Prisma Cloud deployments, automating tasks using Ansible, Terraform, or Pan‑OS XML/REST APIs, and integrating firewalls with logging, PKI, MFA, SD‑WAN, or security orchestration tools.
The engineer collaborates with network engineers, cloud teams, systems engineers, and DevOps to ensure secure deployments, provides Tier‑3 support for escalated network and network security issues, and participates in change management meetings, architecture reviews, and project planning.
Required qualifications include a bachelor’s degree in Information Security, Computer Science, or a related field (or equivalent experience), 3–7 years of hands‑on network security engineering experience, CCNP Enterprise or equivalent certification, strong understanding of TCP/IP, routing/switching, VLANs, VPNs, and Layer 2/3 protocols, expertise in one or more firewall platforms, experience with IDS/IPS, NAC, and network segmentation, proficiency with SIEM and packet/log analysis, and solid knowledge of security frameworks and regulatory standards.
Preferred qualifications include professional certifications such as PCNSE, Palo Alto ACE, CCNP Security, CCIE Security, CISSP, CEH, or GSEC; experience with cloud security on AWS, Azure, or GCP; OT/ICS security (ISA/IEC‑62443, Purdue Model); automation and scripting using Python, Ansible, or Terraform; SD‑WAN and SASE/ZTNA architectures; Strata Cloud Manager/AIOps; Checkpoint Harmony Access deployments; and familiarity with EDR/XDR platforms and SOAR automation.
Key soft skills are strong analytical and problem‑solving abilities, excellent communication and documentation skills, the ability to work independently and in cross‑functional teams, strong organizational skills and attention to detail, effective collaboration with network, cloud, SOC, and architecture teams, and the capacity to operate under high‑pressure incident situations.
The position is full‑time, with approximately 90 % remote work and 10 % travel to sites, and may require participation in an on‑call rotation.
The role offers a base salary of $120,000–$140,000 (DOE) and a comprehensive benefits package.