Network Security Engineer (System Integrator & SOC)

The Network Security Engineer is responsible for designing, implementing, operating, and supporting network security solutions for enterprise customers in a System Integrator (SI) and Security Operations Center (SOC) environment. This role combines project-based security deployment with ongoing SOC operations, incident response, and security optimization across on‑premises, cloud, and hybrid infrastructures.

The engineer will work closely with customers, internal SOC analysts, and infrastructure teams to ensure secure, scalable, and resilient network security architectures.

Key Responsibilities

Network Security Engineering

• Design and implement enterprise network security architectures (on‑prem, cloud, hybrid)
• Deploy, configure, and harden security devices:
  • Firewalls (NGFW)
  • IDS/IPS
  • Web Application Firewall (WAF)
  • Network Access Control (NAC)
• Perform firewall migration, rule base cleanup, and policy optimization
• Integrate security solutions with SIEM, SOAR, IAM, and endpoint security platforms
• Support customer security projects from design to go‑live and handover
• Produce technical documentation: HLD, LLD, as‑built diagrams, and SOPs

SOC Operations & Security Monitoring

• Monitor security alerts related to network threats, intrusions, and anomalies
• Perform L2/L3 investigation of network‑based security incidents
• Analyze logs from firewalls, IDS/IPS, VPN, and network devices via SIEM
• Support incident response activities including:
  • Threat containment
  • IP blocking
  • Policy tuning
  • Forensic data collection
• Develop and fine‑tune detection use cases and alert rules
• Support 24×7 SOC operations (shift/on‑call, if applicable)
• Identify and respond to network‑based attacks:
  • DDoS
  • Malware command‑and‑control
  • Lateral movement
  • Brute force and credential abuse
• Support containment actions:
  • Firewall rule updates
  • Quarantine actions
• Conduct root cause analysis (RCA) and post‑incident reporting
• Map incidents to MITRE ATT&CK techniques
• Support SOAR playbooks for automated response (block IP, disconnect VPN user, etc.)
• Optimize firewall rules, VPN performance, and network security posture
• Participate in vulnerability remediation related to network exposure
• Stay current with emerging threats, CVEs, and security best practices

Technologies & Tools

Network & Security Technologies

• IDS/IPS
• VPN: IPSec, SSL VPN
• WAF & DDoS protection

SOC & Security Platforms

• SOAR
• Cloud Security: AWS, Azure network security controls

Networking

• TCP/IP, DNS, DHCP, BGP, OSPF, VLAN, NAT
• Network troubleshooting and packet analysis (Wireshark)

Qualifications & Experience

Required

• Bachelor’s degree in IT, Computer Science, or equivalent experience
• 3–7 years of experience in network security engineering or SOC environment
• Strong hands‑on experience with enterprise firewalls and VPNs
• Experience supporting SOC operations or MSSP environment
• Strong troubleshooting and analytical skills

Preferred / Advantage

• Experience in System Integrator or MSSP environment
• Cloud network security experience (AWS/Azure)
• Automation or scripting (Python, Bash, API integrations)
• Experience with MITRE ATT&CK and incident response frameworks

Certifications (Preferred)

• Fortinet NSE 4/5/7
• Check Point CCSA / CCSE
• CCNA / CCNP Security
• CEH, GCIH, or equivalent

Soft Skills

• Strong communication and customer‑facing skills
• Ability to work under pressure in incident scenarios
• Good documentation and reporting skills
• Team player with a security‑first mindset