Companies Ignite IT Senior Network Security Engineer

About the role

Ignite IT · Hybrid

We are seeking a Senior Network Security Engineer for an operations-first role supporting enterprise network security infrastructure across on-premises, remote-access, hybrid-cloud, and cloud-connected environments. This is not primarily an architecture/design role. The priority is a hands-on engineer who can administer, configure, maintain, troubleshoot, patch, upgrade, back up, validate, document, and operate production security platforms with minimal ramp-up.

  • Firewall operations: hands-on Cisco and Palo Alto firewall administration, rule changes, NAT, troubleshooting, policy cleanup, upgrades, backups, logging, and production support.
  • VPN / remote access: support for remote-access VPN, site-to-site VPN, user connectivity issues, certificates, authentication flows, and after-hours troubleshooting.
  • RSA / MFA administration: RSA SecurID or equivalent MFA operations, token support, server administration, user troubleshooting, VPN integration, certificates, patching, backups, logs, and monitoring.
  • Day-to-day operations: ticket resolution, monitoring alerts, health checks, change requests, incident support, maintenance windows, operational reporting, and customer support.
  • Configuration and administration: installing, configuring, maintaining, patching, upgrading, backing up, validating, and troubleshooting assigned security platforms.
  • Production troubleshooting: strong TCP/IP, DNS, routing, firewall logs, packet captures, VPN authentication, certificate, and connectivity troubleshooting.
  • Documentation and process discipline: SOPs, runbooks, diagrams, change records, rollback plans, evidence collection, knowledge transfer, and formal change management.
  • Federal/customer environment maturity: Public Trust eligibility, regulated-environment documentation, customer support, cross-team coordination, and comfort working with government stakeholders.

The best candidate can credibly say: "I have operated enterprise Cisco and Palo Alto firewalls in production, handled firewall rule changes and troubleshooting, supported VPN users and site-to-site tunnels, administered or supported RSA/MFA tied to VPN access, followed formal change-management processes, maintained documentation and backups, and can step into daily operational support with minimal ramp-up."

Scope and Role Boundaries

  • Primary platforms include Cisco ASA/Firepower/FTD/FMC, Palo Alto NGFW/Panorama/GlobalProtect, remote-access and site-to-site VPN, RSA SecurID Authentication Manager or comparable MFA, monitoring/logging/SIEM integrations, and related network security controls.
  • Coordinate with SOC/NOC, cloud, identity/directory, wireless/LAN, server, endpoint, system owner, application, governance, and vendor teams during changes, incidents, troubleshooting, compliance, and audit support.
  • Cloudflare, Cisco ISE/NAC, secure web/email gateways, packet visibility tools, SD-WAN/SASE/ZTNA, AWS/Azure security, and F5/application-delivery awareness are useful where they intersect with assigned operational support, but the core need is firewall, VPN, RSA/MFA, and production operations.

Key Responsibilities

  • Provide daily, weekly, monthly, and annual operational support for assigned security systems, including tickets, alerts, health checks, email/phone support, metrics, status reporting, and operational validation.
  • Administer and troubleshoot enterprise firewalls, including rule bases, NAT, segmentation, high availability, threat prevention, VPN integration, logging, secure baselines, rule reviews, recertification, cleanup, and decommissioning.
  • Install, configure, maintain, patch, upgrade, back up, and validate firewall, VPN, MFA, and related network security systems in production environments.
  • Support remote-access VPN, site-to-site VPN, partner connectivity, cloud connectivity, mobile/remote users, certificates, authentication policies, availability, utilization, and user access issues.
  • Maintain and troubleshoot RSA SecurID Authentication Manager or equivalent MFA services, including servers/appliances, agents, certificates, HA, backups, logs, monitoring, directory integration, VPN authentication, and token lifecycle support.
  • Respond to incidents, vulnerability notices, urgent requests, vendor advisories, PSIRT notices, system alerts, and emergency troubleshooting while minimizing service disruption.
  • Use firewall logs, VPN logs, packet captures, SIEM data, monitoring tools, DNS/routing checks, and standard diagnostics to resolve complex connectivity, authentication, TLS/certificate, and application-flow issues.
  • Create and maintain topology diagrams, equipment inventories, configurations, SOPs, runbooks, implementation plans, rollback plans, build/upgrade procedures, troubleshooting notes, and knowledge articles.
  • Follow approved change, release, incident, problem, and configuration-management processes; prepare change records, peer-review materials, validation evidence, root-cause analysis, metrics, and audit artifacts.
  • Support vulnerability remediation, POA&M tracking, continuous monitoring, compliance reviews, audit evidence collection, and coordination with ISSO, system owner, and security governance teams.

Requirements

  • 7+ years of experience in network security engineering, network infrastructure, cybersecurity infrastructure, or a closely related role.
  • 5+ years of hands-on experience administering, maintaining, and troubleshooting enterprise firewall platforms in production environments.
  • Hands-on experience with Cisco security technologies such as Cisco ASA, Firepower, FTD, FMC, AnyConnect/Secure Client, or equivalent Cisco firewall/VPN platforms.
  • Hands-on experience with Palo Alto Networks technologies such as NGFW, Panorama, GlobalProtect, security profiles, App-ID/User-ID, logging, and policy optimization.
  • Experience administering or supporting RSA SecurID Authentication Manager or comparable enterprise MFA/two-factor authentication platforms, including token support, server operations, patching/upgrades, backups, certificates, monitoring, and directory/VPN integration.
  • Strong knowledge of firewall policy, NAT, VPNs, routing, DNS, DHCP, BGP, TLS/certificates, packet captures, log analysis, segmentation, high availability, and common network diagnostic tools.
  • Experience with enterprise monitoring, logging, SIEM, alerting, vulnerability management, incident response, formal change management, and regulated-environment documentation.
  • Ability to create clear technical documentation, support customers and stakeholders, prioritize operational work, communicate clearly, and coordinate across technical teams.
  • Ability to obtain and maintain a Public Trust background investigation.

Desired Certifications

Relevant certifications are helpful but should not replace demonstrated hands-on experience. Examples include CCNP Security, CCIE Security, PCNSE, PCCSE, CISSP, CCSP, AWS Certified Security - Specialty, AWS Advanced Networking - Specialty, Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Azure Network Engineer Associate, CompTIA Security+, CompTIA CySA+, GIAC certifications, or equivalent vendor/cloud certifications.

Core Competencies

Enterprise firewall engineering and policy lifecycle management

VPN, remote access, RSA/MFA, and token lifecycle operations

Cloudflare, edge security, secure access, and Zero Trust support

Content filtering, secure web/email gateway, and NAC operations

Hybrid-cloud network security and secure connectivity

Monitoring, logging, SIEM integration, and incident response support

Security visibility, packet analysis, and advanced troubleshooting

Vulnerability remediation, compliance evidence, and POA&M support

Change management, documentation, reporting, and operational metrics

Technical leadership, customer support, and cross-team collaboration

Benefits

  • 401(k)
  • 401(k) matching
  • Dental insurance
  • Flexible schedule
  • Flexible spending account
  • Health insurance
  • Health savings account
  • Life insurance
  • Paid time off
  • Professional development assistance
  • Referral program
  • Retirement plan
  • Tuition reimbursement
  • Vision insurance
Ready to apply to Ignite IT?
Apply to Ignite IT

Similar jobs

Sign up for suggestions tailored to the jobs you open and the searches you save.

Apply now
🤖

Whoa — hold up

JobsRadar was built for real people having a rough time in their job search — not for automated requests. You're clicking way too fast and you're now temporarily blocked.

Come back later. If you're genuinely job hunting, we've got your back — just act like a human.

Catch your next role the second it’s posted.

Create a free account and we’ll watch the boards for you — the instant a job matches your search, it lands in your inbox or Telegram. No digging, no refreshing.

Create free account

Free forever · takes 30 seconds · already have one?

Get the worldwide-remote edge.

Join our Telegram channel for the stuff that helps you land the role — salary benchmarks, the weekly market pulse, and new-feature drops. No spam, just signal.

Join the channel — it's free