Senior Network Security Design Engineer

The organization seeks a senior-level expert to lead enterprise network architecture, design standards, and implementations across on-premises, cloud, and operational technology environments. This role focuses on executing network strategy, maintaining architectural consistency, and collaborating with security, cloud, and operations teams to provide secure, scalable global network services.

Key Responsibilities

• Oversee daily governance of LAN, WAN, WLAN, VPN, cloud networks, and OT environments, including platforms like wireless access, firewalls, secure web gateways, and security tools.
  
• Monitor network performance, health, and availability; conduct initial troubleshooting and escalate complex issues while supporting incident, change, and service request processes in line with SLAs.
  
• Guide network design for offices, data centers, and cloud services; optimize for better convergence, performance, latency, and resiliency; participate in architecture review boards.
  
• Manage vendors and technology partners; handle project workloads; consult with business units to convert requirements into technical architectures and designs.
  
• Serve as subject matter expert on network and security services; maintain up-to-date network diagrams, configurations, architecture documents (HLD/LLD), as-builts, asset records, and BOMs for audit readiness.
  
• Promote standardization, automation, and lifecycle management; provide high-priority operational support, incident troubleshooting, and vendor escalations.
  

Required Qualifications

• At least 3 years in project consulting, from business requirements to solution architecture and deployment; 5 years in operational support.
  
• Proven experience mentoring teams in network, security, and cloud areas.
  
• Strong knowledge of network security operations, including SIEM, WAF, IPS/IDS, cloud security, Microsoft 365, Linux/Windows systems, and endpoint protection.
  
• Hands-on design of secure Azure solutions (VMs, microservices, containers) following Azure Well-Architected Framework; familiarity with NIST CSF and MITRE ATT&CK.
  
• Practical expertise with enterprise platforms such as Cisco Meraki, Fortinet, Palo Alto, Zscaler (ZIA/ZPA), and CrowdStrike.
  

Supporting Skills

• Understanding of cybersecurity trends and threats.
  
• Proficiency in multi-tiered architectures, switching/routing (resiliency, VLAN, VPC/MLAG, HSRP/VRRP, NAT, IPsec, dynamic routing, WiFi), IaC, automation, APIs, trust zone segmentation, and zero trust principles.
  
• Awareness of ITIL practices; relevant certifications like CCIE/CCNP, Fortinet (FCX/FCSS/FCP), Zscaler (ZDTA/ZDTE/ZDXA), Azure (AZ-700/AZ-500/AZ-303/304), GIAC/SANS.
  
• Willingness to work regular hours plus on-call support outside business times.
  

Behavioral Expectations

• Systematic, organized approach with strong attention to detail, analytical problem-solving, and ability to work under pressure in dynamic settings.
  
• Excellent communication, stakeholder management, and interpersonal skills; comfortable raising issues and managing own workload with realistic timelines.
  
• Reliable, patient with users, independent, and focused on results and satisfaction.