Network Security Engineer (SASE/ZTNA)

Position Summary:

We are looking for a Network Security Engineer to support the advancement of our secure access infrastructure and play a key role in managing and modernizing our security operations. The individual will play a significant role in transitioning from a legacy Cisco Secure Client environment to a modern, cloud-native SASE (Secure Access Service Edge) architecture, with a strong focus on Zero Trust Network Access (ZTNA).If you are a skilled network engineer with a passion for SASE, ZTNA, and automation, we encourage you to apply and help drive our organization’s secure and efficient future.

Key Responsibilities:

• Implementation & Maintenance:
  • Assist in deploying and managing SASE/SSE components, including Secure Web Gateways (SWG), Cloud Access Security Brokers (CASB), Firewall-as-a-Service (FWaaS), SD-WAN, and Zero Trust Network Access (ZTNA).
• Modernizing Access:
  • Support the migration from legacy Cisco Secure Client environments to identity-centric Zero Trust models, ensuring a smooth transition and troubleshooting any challenges.
• Automation & Integration:
  • Write and understand API scripts (e.g., Python, PowerShell, Bash) for automating manual tasks, pulling security telemetry, and integrating Netskope or other cloud-native services.
• Advanced Network Troubleshooting:
  • Routing & Proxy: Diagnose and resolve traffic flow issues, PAC file misconfigurations, transparent proxies, and SSL inspection challenges.
  • Protocol Analysis: Utilize Wireshark or tcpdump to troubleshoot complex network paths, including latency, packet loss, and SSL/TLS issues.
  • Connectivity: Resolve issues involving VLANs, NAT, 802.1X supplicants, DNS, and SaaS/COTS applications.
  • SD-WAN Integration: Collaborate on integrating SD-WAN with SASE platforms for secure traffic steering and optimal performance.
• Infrastructure Monitoring & Health:
  • Manage and monitor network health using SNMP, SIEM, Grafana, and syslog tools.
  • Troubleshoot network connectivity issues within Docker/Linux environments.
• Cloud Security Support:
  • Maintain firewall policies across AWS, Azure, and GCP while managing API-based security integrations with products such as Netskope.

Required Qualifications:

Competency

Requirement

Experience

- 5+ years in Network/VPN Engineering. 

- 2+ years hands-on experience with SASE/ZTNA platforms and Cloud services.

Critical Skills

- Strong critical thinking and problem-solving skills. 

- Effective communication and teamwork abilities. 

- Fast learner with the ability to adapt to evolving technologies.

Architecture

- Solid understanding of SD-WAN integration with SSE/SASE frameworks.

OS Proficiency

- Deep understanding of Windows 10/11 network behaviors and troubleshooting on client-side devices.

Routing & Proxy

- Strong knowledge of routing protocols, proxy (PAC file configuration), and architecture concepts.

VPN & NAC

- Hands-on experience with Cisco Secure Client (AnyConnect), firewalls, and 802.1X authentication protocols.

Monitoring & Ops

- Proficiency in tools such as SNMP, SIEM, Grafana, and Docker troubleshooting for monitoring operational health.

SASE/ZTNA

- Hands-on expertise with solutions, including Netskope, Zscaler, or Palo Alto Networks Prisma Access.

Programming Skills

- Strong experience with scripting and automation using Python, PowerShell, or Bash.

Preferred Qualifications:

• Certifications such as CCNP Security, NSE4, Zscaler Certified Cloud Engineer, or equivalent are highly desirable.
• Familiarity with secure DevOps principles and CI/CD in cloud environments.
• Experience securing hybrid cloud workloads across AWS, Azure, and Google Cloud.

Job Benefits:

• Competitive compensation and benefits package.
• Opportunity to work on cutting-edge SASE/ZTNA solutions and architectures.
• Collaborative environment fostering professional growth and innovation.