Project Overview:
We are seeking an experienced Senior Network Security Engineer with expertise in advanced networking, security, automation, and infrastructure to contribute to the stability, scalability, and security of their operations.
Key Responsibilities:
* Design and implement resilient, scalable network architectures across data centers, ensuring optimal performance, reliability, and fault tolerance.
* Manage ISP multi-homing configurations using BGP and IP-based network underlays with Cisco solutions (experience with IOS-XE, NX-OS, and products such as ASR and Nexus 9000 switches).
* Implement and oversee load balancing solutions to optimize traffic distribution and ensure continuous availability.
* Provide network security expertise with technologies such as:
* Cisco ASA VPN, Cisco Secure Client (AnyConnect)
* Checkpoint Firewalls
* FortiGate SD-WAN
* Automate network infrastructure management and deployment tasks using: Python, Ansible, and/or Terraform
* Develop and maintain automation workflows using API calls with industry standards, including: REST API, RESTCONF, and NETCONF for seamless integration and automation.
* Design, implement, and manage SDN Datacentre environments utilizing NSX and Cisco ACI.
* Leverage Kubernetes architecture to configure application delivery with ingress rules and network policies.
* Collaborate with cross-functional teams to ensure smooth network deployment, troubleshooting, and performance optimization.
Required Skills and Experience:
* Proven track record in designing high-availability network solutions across data centers, with minimal downtime and effective failover strategies.
* Expertise in ISP multi-homing with BGP, Nexus IP configurations with NX-OS, and OSPF/BGP routing protocols.
* Strong proficiency in load balancing technologies, including:
* Radware and F5
* Extensive experience with network security solutions, such as:
* Cisco ASA VPN, Cisco Secure Client (AnyConnect)
* Checkpoint Firewalls
* FortiGate SD-WAN
* Proficiency in automation using:
* Python, Ansible, and/or Terraform
* Skilled in developing and managing CI/CD pipelines with strong knowledge of Git (GitLab/GitHub).
* Solid understanding of data encoding and modeling formats like YAML and JSON.
* Hands-on experience with API-based technologies, including:
* REST API, RESTCONF, and NETCONF.
* Expertise in SDN, with practical experience in:
* NSX and Cisco ACI.
* Experience in containerized environments using:
* Kubernetes for orchestration and workload management.
* Ability to design and architect network solutions that prioritize scalability, security, and high availability.
Qualifications:
* CCIE Certification (or equivalent) is required.
* Several years of demonstrated experience in network engineering, specializing in high availability, security, and advanced networking technologies.
* Proven expertise in designing and deploying large-scale data center networks.
Desirable Certifications:
* Cisco Certifications: CCNP, CCIE, Cisco Certified Specialist (e.g., Data Center, Security, or Service Provider)
* F5 Certifications: F5 Certified BIG-IP Administrator (F5-CA), F5 Certified Solution Expert
* Radware Certifications: Radware Certified Advanced Engineer
* Fortinet Certifications: NSE4, NSE5, NSE7, or higher
* Check Point Certifications: CCSE, CCSM
* VMware Certifications: VCP-DCV, VCAP-DCV
* Cloud Certifications: AWS Certified Solutions Architect, Azure Network Engineer, or other cloud certifications
* CompTIA Certifications: Relevant certifications in infrastructure or security
* Cybersecurity Certifications: CISE (Certified Information Systems Engineer), CISSP (Certified Information Systems Security Professional)
Preferred Skills (Nice to Have):
* Hands-on experience with cloud-native technologies, such as AWS and Azure.
* Knowledge of network telemetry and monitoring tools.
* Experience managing multi-cloud or hybrid-cloud environments.
* Understanding of container networking and microservices.