Job Description

Senior Network Security Engineer

Location: Newark, New Jersey

Work Setup: Hybrid (2 days onsite)

• We are seeking a highly skilled  Senior Network Security Engineer  for a 6-month contract engagement, with the possibility of conversion to a full-time employee (FTE) based on performance and business needs. The ideal candidate will have 5+ years of experience in advanced network security, specializing in network segmentation, intrusion detection/prevention, network access control, flow monitoring, security event management, and cloud security. You will be responsible for architecting, implementing, and managing network security solutions across both on-premise and cloud environments, utilizing technologies such as Guardicore, Cisco Sourcefire, Cisco ISE, Cisco Secure Network Analytics, Palo Alto Networks Firewalls, UEBA, Exabeam, CASB (Zscaler), WAF (Imperva), and AWS Security Services.

Key Responsibilities:

Network Security Architecture Design:

• Lead the architectural design and implementation of comprehensive network segmentation strategies using Guardicore to isolate critical systems and mitigate lateral movement during attacks.
• Architect solutions for implementing Cisco Sourcefire IDS/IPS, Cisco ISE for access control, and Palo Alto Networks Firewalls to secure the network perimeter and internal traffic flows.
• Develop and design security policies and procedures in alignment with business needs, ensuring they are scalable, effective, and secure across multiple environments (on-premise and cloud).

Intrusion Detection and Prevention Architecture (IDS/IPS):

• Design, configure, and deploy Cisco Sourcefire IDS/IPS solutions across the network, ensuring they align with broader network security strategies and compliance standards.
• Architect secure network traffic flows by leveraging IDS/IPS in combination with other security technologies to provide a layered defense strategy.

Network Access Control (NAC) and Identity Management:

• Lead the architecture of Cisco Identity Services Engine (ISE) to provide centralized network access control across wired, wireless, and VPN infrastructures.
• Design, implement, and continuously optimize authentication, authorization, and accounting (AAA) policies for both corporate and remote users.

Flow Monitoring & Network Detection and Response (NDR) Architecture :

• Design solutions leveraging Cisco Secure Network Analytics (Stealthwatch) to monitor network traffic, detect anomalies, and provide visibility across complex hybrid environments (on-premises and cloud).
• Conduct detailed traffic analysis to identify anomalies and security risks within the network.

Web Application Firewall (WAF) Architecture:

• Design and implement Imperva WAF solutions to safeguard web applications and APIs against common threats such as DDoS, SQL injection, and cross-site scripting.
• Develop and enforce application security policies in collaboration with application development teams to protect mission-critical services.

Cloud Access Security Broker (CASB):

• Architect the deployment and integration of Zscaler CASB to enforce security policies across cloud applications, ensuring secure access to SaaS platforms and sensitive data.
• Lead cloud security design efforts to ensure visibility, control, and protection of cloud-based infrastructure and services.

Cloud Security Architecture (AWS):

• Design secure architectures in AWS using AWS Security Services such as AWS Shield, AWS WAF, AWS GuardDuty, and AWS Config to protect cloud resources from threats.
• Develop and implement cloud security strategies to monitor and protect AWS environments against vulnerabilities and misconfigurations.

Security Event Management & SIEM Architecture:

• Architect and integrate Exabeam for Security Information and Event Management (SIEM) across on-premise, hybrid, and cloud environments to ensure centralized security log management.
• Design use cases, custom dashboards, and detection strategies in Exabeam to improve incident detection, response time, and threat visibility.

Incident Response and Architecture Review:

• Work closely with the incident response team to design and review the architecture of security incidents, ensuring that systems can be rapidly and effectively mitigated.
• Lead architectural reviews of security solutions to ensure they are future-proof, scalable, and integrated with evolving technologies.

Collaboration & Mentorship:

• Work with cross-functional teams, including IT, DevOps, and network teams, to architect end-to-end solutions that meet business security requirements.
• Mentor junior engineers, sharing best practices for security architecture design, troubleshooting, and optimization.

Documentation & Reporting:

• Document security architectures, configurations, policies, and procedures to ensure clarity, compliance, and ease of future audits.
• Produce high-level architecture and technical documentation for executive leadership and stakeholders, outlining security posture, improvements, and risk assessments.

Requirements

Qualifications:

• Experience: Minimum of 5+ years of hands-on experience in network security engineering, with a focus on architecture design, network segmentation, cloud security, and security operations.

Technical Expertise:

• Strong experience in architecting Guardicore micro-segmentation solutions.
• Proven architectural expertise in Cisco Sourcefire IDS/IPS, Cisco ISE for NAC, and Palo Alto Networks Firewalls.
• Expertise in Cisco Secure Network Analytics (Stealthwatch) for flow monitoring and NDR.
• Experience in designing Imperva WAF and Zscaler CASB solutions to secure applications and cloud environments.
• Hands-on experience with AWS Security Services (AWS Shield, WAF, GuardDuty, Config) and securing AWS cloud environments.
• In-depth knowledge of Exabeam for SIEM architecture and security event management.

Soft Skills:

• Strong Communication: Ability to translate complex security concepts into understandable language for both technical and non-technical audiences.
• Collaboration & Leadership: Proven ability to work with cross-functional teams to design integrated, end-to-end security solutions and provide architectural guidance.
• Problem-Solving & Design Thinking: Ability to solve complex security challenges and design solutions that balance security, scalability, and performance.
• Mentorship: Strong desire and capability to mentor junior team members and foster a culture of learning and innovation within the team.

Certifications:

• Relevant certifications such as CISSP, CCNP Security, AWS Certified Security Specialty, Certified Cloud Security Professional (CCSP), or similar are preferred.
• Specialized certifications in Cisco ISE, Palo Alto Networks, Exabeam, Zscaler, or Imperva are a plus.

Job Type:

• Contract

Schedule:

• 8 hour shift
• Monday to Friday

Benefits

What We Offer:

• Competitive salary and benefits package.
• Six-month contract with the potential for full-time conversion based on performance and business needs.
• Opportunities for professional development and career growth.
• A collaborative and dynamic work environment, with exposure to cutting-edge security technologies.
• Work with an innovative, forward-thinking security team in a rapidly evolving industry.

Job Tags

Similar Jobs