Network Security Engineer (Ansible / NX-OS)

We are looking for a highly skilled Network Security Engineer with deep expertise in Cisco NX-OS and Ansible automation to strengthen and automate our enterprise network environment. The ideal candidate will be responsible for designing secure, scalable network architectures, ensuring compliance with cybersecurity standards, and leading automation initiatives to enhance efficiency and reliability across our data center and campus network infrastructures.

• Design, implement, and maintain secure, scalable, and resilient network infrastructures using Cisco Nexus (NX-OS) platforms.

• Develop and maintain Ansible playbooks, roles, and automation workflows to streamline configuration management and compliance checks.

• Apply and enforce network security best practices including segmentation, access control, firewall policy management, and continuous monitoring.

• Integrate automation with network management and monitoring tools such as SolarWinds, Cisco DNA Center, and NetBox.

• Conduct network audits, perform vulnerability assessments, and apply security hardening to all NX-OS devices.

• Collaborate with Cybersecurity and IT teams to align network operations with logging, incident response, and policy frameworks.

• Troubleshoot and resolve complex Layer 2–Layer 7 network and security issues with minimal downtime.

• Manage network change management processes, ensuring safe and automated rollouts using Ansible and CI/CD methodologies.

• Maintain up-to-date network documentation, including topology diagrams, configuration standards, and operational procedures.

• Bachelor’s degree in Computer Science, Information Technology, or related field (or equivalent hands-on experience).

• Minimum 5 years of experience as a Network or Security Engineer.

• Proven expertise with Cisco NX-OS (Nexus 9K/7K/5K platforms).

• Strong proficiency in Ansible automation, including playbook development, YAML, Jinja2 templating, and Git-based version control.

• Deep understanding of network security fundamentals — ACLs, firewalls, VPNs, 802.1x, segmentation, IDS/IPS, and related controls.

• Solid grasp of routing and switching protocols (BGP, OSPF, STP, VXLAN, EVPN).

• Experience in Python scripting for network automation (preferred).

• Familiarity with CI/CD pipelines and Infrastructure-as-Code (IaC) concepts.

• Strong troubleshooting and packet analysis skills (Wireshark, NetFlow, etc.).

• Cisco Certified Network Professional (CCNP) or higher (CCIE strongly preferred).

• Cisco CyberOps or other Cisco Security certifications.

• Red Hat Ansible Automation or equivalent certification.

• CompTIA Security+, CISSP, or equivalent cybersecurity certification.

• Strong analytical and problem-solving mindset.

• Excellent written and verbal communication skills.

• Ability to collaborate effectively across Network, DevOps, and Security teams.

• Self-driven, detail-oriented, and thrives in a fast-paced, evolving environment.