Job Summary
Job Summary
We are hiring a senior L3 Network Security Engineer / SME with deep expertise in Firewall technologies (any 2 mandatory) and strong knowledge of Zscaler (ZIA/ZPA), MDO 365, and WAF (Cloudflare).
The role involves handling critical escalations, solution design, advanced troubleshooting, and security governance, along with mentoring L2 teams.
Key Responsibilities
Key Responsibilities
- Handle P1 / P2 incidents and escalations end-to-end
- Perform deep RCA and preventive improvements
- Design:
- Firewall architecture
- Zscaler Zero Trust setup
- Email & WAF security posture
- Lead:
- Firewall migrations, upgrades, deployments
- Drive:
- Policy optimization, governance, compliance
- Mentor L2 resources
Participate in customer technical discussions and solutionin
Skill Requirements
Firewall (Meraki / Palo Alto / Fortigate)
- Advanced configuration:
- Policy optimization, NAT (complex/U-Turn)
- Architecture:
- HA setups, multi-site design
- Troubleshooting:
- Deep packet analysis
- Routing issues (BGP, OSPF)
- Tools:
- Panorama / FortiManager / Meraki
- Migration:
- Vendor-to-vendor firewall migration
- Governance:
- Policy review, audit compliance
🔹 Zscaler (ZIA / ZPA – Advanced)
- ZIA:
- Advanced policy tuning (DLP, SSL inspection)
- ZPA:
- Zero Trust architecture design
- App segmentation
- Client Connector:
- Deployment strategy & troubleshooting
- Authentication:
- Azure AD, SAML, MFA troubleshooting
- Advanced troubleshooting:
- PAC/GRE/IPsec issues
- Integration:
- SIEM, endpoint, identity tools
- Strong understanding of:
- SASE & Zero Trust architecture
🔹 MDO 365 (Advanced Email Security)
- Threat analysis:
- Phishing, spoofing, impersonation
- Defender tools:
- Threat Explorer, hunting
- Incident response:
- Email header analysis
- Security improvements:
- Secure score optimization
- Automation:
- Logic Apps / SOAR
- Governance:
- SPF, DKIM, DMARC implementation
🔹 WAF – Cloudflare (Advanced)
- Custom rule creation and tuning
- OWASP protection optimization
- Bot mitigation and API security
- False positive reduction
- SSL/TLS management
- Attack mitigation (SQLi, XSS)
- SIEM/log integration
- DDoS mitigation strategies
Good to Have
- SASE / Zero Trust architecture
- Cloud security (Azure / AWS)
- Automation (Python / Terraform)
- Large enterprise/SOC experience
Certifications
- Palo Alto PCNSE
- Fortinet NSE 4–7
- Meraki Certifications
- Zscaler ZCCP
- Microsoft SC-200 / MS-500
Soft Skills
- Strong stakeholder and customer management
- Ability to lead technical discussions
- Mentorship & leadership skills
- Problem-solving and ownership mindset