Senior Network Security Engineer
Job DescriptionJob DescriptionBenefits:
- 401(k)
- Dental insurance
- Health insurance
AlxTel is looking for one (1) Senior Network Security Engineer to support the planning, engineering, implementation, and troubleshooting of secure, scalable, and stable 24x7 network infrastructure. The engineer will be embedded within the IT department and will contribute to both operational support and project-based security engineering.
Key Responsibilities
The selected Network Security Engineer will be expected to:
- Proactively identify organizational security requirements and design solutions accordingly.
- Execute project-based tasks including design, engineering, installation, and troubleshooting of secure network systems.
- Assess, plan, and implement secure networking environments.
- Create detailed graphical and textual design documentation.
- Support capacity planning, monitoring, and maintenance of secure data communications.
- Lead or support the migration of legacy systems to modern security platforms and architectures.
- Assist engineers in troubleshooting network security threats and critical problems.
- Enforce configuration standards, change management policies, and operational procedures.
- Lead and coordinate team activities, ensuring timely problem resolution.
- Generate and deliver weekly project status reports.
- Host regular team/project meetings as necessary.
Required Qualifications
The proposed resource must meet the following minimum qualifications:
- Associate degree in an Information Technology (IT)-related field.
- Active certifications:
- Palo Alto Networks Certified Network Security Engineer (PCNSE)
- Cisco Certified Network Professional (CCNP) either Enterprise or Security track.
Qualifications
- Bachelors degree in an IT-related field.
- 10 years of hands-on IT networking and security experience.
- Current certifications:
- Prisma Certified Cloud Security Engineer (PCCSE) Palo Alto
Cisco Certified Internetwork Expert (CCIE) Enterprise Infrastructure or Security
- Prisma Certified Cloud Security Engineer (PCCSE) Palo Alto
Desired Technical Skills & Experience
- Minimum 5 years working with:
- Palo Alto next-gen firewalls (NGFWs)
- Intrusion Detection & Prevention Systems (IDPS)
- Content filtering
- VPNs (including IPsec and SSL)
- Data Loss Prevention (DLP)
- TLS/SSL Inspection
- Palo Alto next-gen firewalls (NGFWs)
- Minimum 4 years with Cisco switching, routing, and wireless.
- Minimum 3 years working with:
- A10 Networks for reverse proxy and load balancing
- A10 Networks for reverse proxy and load balancing
- Minimum 2 years of experience in:
- Cisco ISE, Free Radius, and ACLs for access control
- Cisco ISE, Free Radius, and ACLs for access control
- General technical competencies in:
- Microsoft MFA implementations
- Cloud-based security and networking
- 802.1x authentication (wired/wireless)
- EIGRP, OSPF, BGP routing protocols
- Data Center micro-segmentation
- PKI and certificate lifecycle management
- Vulnerability tools (Nessus, NMAP, etc.)
- Packet analysis tools (Wireshark, Riverbed, Opnet)
- Centralized management platforms (Panorama, SolarWinds)
- Working knowledge of Windows, Linux, and Unix platforms
- Microsoft MFA implementations
- Soft skills:
- Independent problem-solving and troubleshooting
- Ability to mentor junior staff
- Clear communication and technical documentation skills
- Independent problem-solving and troubleshooting
Work Location & Hybrid Schedule
- Initial schedule: 3 days onsite, 2 days remote (MonFri).
- Post-performance review: May shift to 2 days onsite, 3 days remote.
- On-site location is in Annapolis, MD.
- Must be able to report onsite within 4 hours when requested.
- Remote work from outside the U.S. is not permitted.
Working Hours
- Standard work hours: 8:00 AM 4:30 PM ET, MonFri.
- Must be available to work flexible hours (evenings, weekends, holidays) as required.
- Annual work cap: 2,040 hours.
Onboarding & Training
- A 2 to 4 week training period will be provided at the start of the assignment.