Job Summary

This role is responsible for expert-level operations management of large-scale and complex security infrastructure, ensuring optimal performance of firewall and network security solutions. The individual drives continuous improvement, leads teams in resolving advanced technical challenges, and maintains alignment with client service standards and organizational goals.

We are seeking a highly experienced Network Security Engineer with strong expertise in Next-Generation Firewalls (Checkpoint & Palo Alto), Cisco Identity Services Engine (ISE), Cisco Sourcefire IPS, and Cisco IronPort. The role involves managing enterprise security infrastructure, enforcing network access control, threat prevention, and ensuring secure communication across the organization.

Key Responsibilities

1. Lead complex firewall operations by configuring, monitoring, and optimizing Palo Alto, Checkpoint, and Cisco ISE solutions to ensure robust network security and compliance with client requirements.
2. Oversee incident response and troubleshooting using Palo Alto and SOURCEFIRE tools, providing expert resolution for critical security events and minimizing downtime.
3. Drive process improvements by analyzing operational workflows and implementing best practices for firewall management using IRONPORT and SSE platforms.
4. Mentor and guide the support team, delivering technical leadership in advanced firewall rules management, policy tuning, and threat prevention across multi-vendor environments.
5. Ensure seamless information flow and management reporting by utilizing centralized monitoring tools and dashboards for all firewall and security appliances.
6. Collaborate with clients to understand security requirements, translating them into actionable firewall configurations and operational enhancements.
7. Champion innovation by researching and integrating emerging firewall technologies and automation tools to enhance security posture and operational efficiency.

Firewall Management (Checkpoint & Palo Alto) • Configure, deploy, and manage Checkpoint Firewalls (VSX, MDS, Security Gateway) and Palo Alto Firewalls (PAN-OS, Panorama). • Implement and maintain: o Security policies, NAT rules, and access controls o URL filtering, application control, and threat prevention • Manage VPN technologies: o IPSEC VPN, SSL VPN, Remote Access VPN • Perform firewall upgrades, rule recertification, and optimization. • Troubleshoot: o Application connectivity issues o Traffic flow and rule conflicts Strong experience with NGFW, VPN, IPS/IDS, and security policy management is expected Cisco Identity Services Engine (ISE) • Implement and manage Cisco ISE for network access control (NAC). • Configure and maintain: o AAA services (Authentication, Authorization, Accounting) o 802.1X, RADIUS, TACACS+ policies • Manage: o Endpoint profiling and posture assessment o Guest access and BYOD onboarding • Integrate ISE with network devices (Switches, WLCs, VPN gateways). • Use ISE for context-aware access control and Zero Trust security models Cisco Sourcefire IPS (Firepower) • Configure, manage, and monitor Cisco Firepower / Sourcefire IPS/IDS systems. • Implement: o Intrusion detection and prevention policies o Threat intelligence and signature updates • Analyze security events and perform incident response for threats. • Integrate IPS with firewalls and SIEM tools for centralized visibility. Cisco IronPort (Email & Web Security) • Manage and administer Cisco IronPort (ESA/WSA) appliances. • Configure: o Email security policies (anti-spam, anti-malware, DLP) o Web security and URL filtering • Troubleshoot: o Email delivery issues o Spam filtering and policy enforcement • Ensure secure email flow and compliance with security standards. Operations & Incident Management • Provide L2/L3 support for network security incidents and service requests. • Perform: o Root cause analysis and incident resolution o Change implementation and validation • Lead technical bridge calls for critical incidents. • Work in 24x7 support model / global delivery environment Security & Compliance • Implement enterprise security policies and standards. • Support: o Firewall audits and rule recertification o Risk assessments and vulnerability remediation • Ensure compliance with organizational and regulatory requirements. Monitoring & Reporting • Monitor security events using SIEM tools (Splunk/QRadar). • Generate reports on: o Security incidents o Firewall rule usage and optimization • Continuously improve security posture and performance.

Skill Requirements

1. InDepth Experience With Cisco Ise For Network Access Control And Policy Implementation.
2. Advanced Proficiency In Security Event Management And Threat Detection Using Sourcefire And Ironport.
3. Excellent Skills In Managing Secure Service Edge (Sse) Solutions And Integrating With Existing Security Infrastructure.
4. Strong Ability To Lead, Mentor, And Empower Technical Teams In HighComplexity Operational Settings.
5. Excellent ProblemSolving, Analytical, And Process Improvement Capabilities Within The Security Operations Domain.

Security Platforms • Strong experience in: o Checkpoint Firewall (VSX, MDS, SmartConsole) o Palo Alto Firewall (PAN-OS, Panorama) • Hands-on experience in IPS/IDS technologies • Experience with Cisco ISE (AAA, NAC) • Knowledge of Cisco IronPort (ESA/WSA) Networking & Security Concepts • Strong understanding of: o TCP/IP, OSI model o Routing & Switching basics • Experience in: o VPN (IPSEC / SSL) o Packet analysis and troubleshooting • Understanding of: o DNS, SMTP, TLS protocols Tools & Environment • SIEM tools (Splunk, QRadar) • Ticketing tools (ServiceNow) • Experience with Unix/Linux environments Qualifications • Bachelor’s degree in Computer Science / IT / Electronics / Telecommunications • 5–10+ years of experience in network security engineering Preferred Certifications • Checkpoint (CCSA / CCSE / CCMSE) • Palo Alto (PCNSE / PCNSA) • Cisco ISE / Security certifications • CCNP Security / CCIE Security Preferred Experience • Experience in large enterprise/global environments • Exposure to: o Zero Trust architecture o Security automation and orchestration • Experience in multi-vendor security environments Soft Skills • Strong incident handling and troubleshooting skills • Ability to lead technical discussions and crisis calls • Good documentation and communication skills • Team collaboration and stakeholder management

Other Requirements

1. Palo Alto Networks Certified Network Security Engineer (PCNSE) � Optional but highly valuable
2. Check Point Certified Security Expert (CCSE) � Optional
3. Cisco Certified Network Professional Security (CCNP Security) � Optiona

Security Platforms • Strong experience in: o Checkpoint Firewall (VSX, MDS, SmartConsole) o Palo Alto Firewall (PAN-OS, Panorama) • Hands-on experience in IPS/IDS technologies • Experience with Cisco ISE (AAA, NAC) • Knowledge of Cisco IronPort (ESA/WSA) Networking & Security Concepts • Strong understanding of: o TCP/IP, OSI model o Routing & Switching basics • Experience in: o VPN (IPSEC / SSL) o Packet analysis and troubleshooting • Understanding of: o DNS, SMTP, TLS protocols Tools & Environment • SIEM tools (Splunk, QRadar) • Ticketing tools (ServiceNow) • Experience with Unix/Linux environments Qualifications • Bachelor’s degree in Computer Science / IT / Electronics / Telecommunications • 5–10+ years of experience in network security engineering Preferred Certifications • Checkpoint (CCSA / CCSE / CCMSE) • Palo Alto (PCNSE / PCNSA) • Cisco ISE / Security certifications • CCNP Security / CCIE Security Preferred Experience • Experience in large enterprise/global environments • Exposure to: o Zero Trust architecture o Security automation and orchestration • Experience in multi-vendor security environments Soft Skills • Strong incident handling and troubleshooting skills • Ability to lead technical discussions and crisis calls • Good documentation and communication skills • Team collaboration and stakeholder management