Job Summary
This role leads the operational management of complex Azure security environments, ensuring robust protection, compliance, and continuous improvement for large-scale client infrastructures. The individual empowers teams, resolves advanced incidents, and drives innovation in cloud security operations to support organizational objectives and client satisfaction.
Key Responsibilities
2. Lead the design and execution of incident response and vulnerability management processes using Azure-native and third-party tools to minimize risk and ensure rapid remediation.
3. Oversee operational governance by establishing metrics, dashboards, and reports with Azure Monitor and Log Analytics, ensuring transparency and actionable insight into security posture and operational health.
4. Mentor and guide support teams in the adoption of best practices for identity and access management, network security, and data protection within Azure, fostering a security-first culture.
5. Collaborate with stakeholders to translate complex client security requirements into actionable operational plans and innovative solutions, driving continuous improvement and alignment with business goals.
6. Champion the integration of automation and orchestration tools such as Azure Automation and Logic Apps to streamline security operations and enhance process efficiency.
7. Provide expert advisory on compliance frameworks (e.g., ISO 27001, NIST, GDPR) as applied to Azure, ensuring ongoing audit readiness and regulatory adherence.
Skill Requirements
2. Excellent command of incident response, threat intelligence, and vulnerability management using both native and integrated security tools.
3. In-depth experience with automation and scripting in PowerShell, Azure CLI, or ARM templates for operational efficiency.
4. Excellent ability to mentor teams and communicate complex security concepts to technical and non-technical stakeholders.
5. Advanced understanding of cloud compliance standards and their practical application within Azure environments.
Other Requirements
Job Description – L3+ Network Security Expert (10+ Years)
Expertise: Firewalls, Cisco ISE, Security Services Edge (SSE), Zero Trust Network Access (ZTNA)
Position Overview
We are seeking a highly experienced L3+ Network Security Expert with 10+ years of hands-on experience in securing large enterprise networks.
The ideal candidate should have deep expertise in Firewall technologies, Cisco ISE (NAC & identity enforcement), Security Services Edge (SSE), and ZTNA, along with strong architecture, troubleshooting, and operational leadership capabilities.
This is a senior technical role responsible for designing, optimizing, and supporting mission‑critical security infrastructure.
Key Responsibilities
1. Firewall Engineering & Security Operations
- Design, deploy, and manage enterprise firewalls (Fortinet, Palo Alto, Cisco ASA/FTD, Check Point, etc.).
- Perform advanced troubleshooting of L3/L4/L7 security policies, VPNs, NAT, SSL decryption, and threat-prevention modules.
- Conduct firewall audits, rule rationalization, configuration hardening, and lifecycle maintenance.
- Lead major change activities, firewall upgrades, HA failover testing, and security posture improvements.
2. Cisco ISE – Identity & Access Control
- Architect and manage Cisco ISE deployments supporting 802.1X, MAB, posture checks, profiling, guest access, and segmentation.
- Integrate ISE with network infrastructure, AD/IDM, SIEM, and SSE/ZTNA ecosystems for unified identity-based security.
- Create, optimize, and troubleshoot policy sets, authorization rules, and certificate-based authentications.
- Provide L3 escalations for NAC-related access issues across wired, wireless, and VPN environments.
3. Security Services Edge (SSE)
- Support design, rollout, and optimization of SSE platforms such as Cato SSE, Prisma Access, etc.
- Manage SWG, DLP, cloud firewall, and secure remote access functions within SSE frameworks.
- Perform traffic steering, PAC file/agent deployment, and application-layer troubleshooting for cloud security policies.
4. Zero Trust Network Access (ZTNA)
- Architect and implement ZTNA solutions using identity-driven access and continuous trust evaluation.
- Migrate legacy VPN access to Zero Trust-based secure application access.
- Onboard applications, connectors, and user groups into ZTNA platforms (Cato ZTNA, Fortinet ZTNA, etc.).
- Troubleshoot user access experience, policy mismatches, and connector/edge failures.
5. Security Architecture & Governance
- Contribute to enterprise security architecture, segmentation design, and secure network frameworks.
- Map business requirements to security controls, policies, and Zero Trust principles.
- Collaborate with SOC, Cloud, IAM, and Network architecture teams to strengthen security posture.
- Conduct risk assessments, gap analysis, and propose mitigation strategies.
6. Operational Leadership & Documentation
- Act as the highest-level escalation point (L3/L4) for complex network-security issues.
- Mentor L1/L2 engineers; conduct knowledge transfer sessions.
- Maintain detailed documentation including architecture diagrams, SOPs, runbooks, and change procedures.
- Participate in DR planning, compliance reviews, and security audits.
Required Technical Expertise
Core Skills
- Firewalls: Fortinet, Cisco ASA/FTD
- Cisco ISE: 802.1X, posture, profiling, guest/BYOD, pxGrid, segmentation
- SSE: Prisma Access / Cato SSE
- ZTNA: Cato ZTNA, Fortinet ZTNA, or equivalent
- Networking: BGP, OSPF, EIGRP, VLANs, STP, HSRP/VRRP
- Strong understanding of PKI, SSL/TLS, MFA, SAML/OAuth, identity-based policy control
- Hands-on experience with SIEM tools, packet capture, and log analysis
Professional Skills
- Strong analytical, troubleshooting, and problem‑solving skills
- Excellent communication and stakeholder management
- Ability to work under pressure in a 24×7 enterprise environment
- Ownership-driven mindset with focus on service reliability and security maturity
Experience
- 10+ years of experience in Network Security roles
- Minimum 5+ years of hands‑on experience with Firewalls & Cisco ISE
- Practical exposure to SSE & ZTNA implementations in enterprise environments
- Experience leading complex migrations and security transformation initiatives
Preferred Certifications
- Cisco ISE Specialist, CCNP Security / CCIE Security
- Fortinet NSE4–NSE7, Palo Alto PCNSE
- CISSP / CEH / Security+ (good to have)