We are seeking a hands-on Network Security Engineer to operate and continuously improve our network security stack—primarily enterprise firewalls (Palo Alto, Fortinet, Cisco), secure web gateways/proxies, and site-to-site/remote-access VPNs. The ideal candidate is an operator-engineer hybrid with deep knowledge across L2–L7 security controls, strong troubleshooting skills, and proven experience in high-availability, low-latency environments. Experience supporting MAS TRM or BNM RMiT audits is highly preferred.

Operations & Reliability:
Own day‑to‑day operation of Palo Alto, Fortinet, and Cisco firewalls, Proxies, and VPN appliances (IPSec/SSL).
Monitor and maintain HA clusters, dynamic routing (BGP/OSPF) on firewalls, and NAT/policy objects to ensure availability and performance SLAs.
Execute change management: rule modifications, NAT adjustments, SSL decryption policies, URL categories and app‑ID signatures.
Perform break/fix troubleshooting using methodical, packet‑level analysis (pcaps, flow records, session tables, global counters).
 

Security Engineering & Hardening:
Manage segmentation (zones, VRFs, tags), east‑west and north‑south controls, and zero-trust policy baselines.
Develop and maintain standardized security templates (objects, groups, security profiles, threat/vulnerability profiles, URL filtering, DLP where applicable).
Tune IPS/IDS, Anti‑Malware, URL filtering, WildFire/ATP, DNS Security, and sandboxing controls to reduce false positives while maintaining strong coverage.
Integrate firewalls with identity (AD/LDAP, IdP, SSO), SIEM/SOAR, PKI, and EDR/XDR telemetry to enrich detections and automate response.
 

Secure Remote Access & Edge
Maintain VPN architectures (IPSec, GlobalProtect/AnyConnect/FortiClient), posture checks, MFA, split vs. full tunnel policies.
Support branch/edge (SD‑WAN) security policy application and traffic steering to on‑prem or cloud security services.
Manage proxy/SWG policies (e.g., SSL decrypt, file controls, CASB integration) and ensure compliance for web access.
Experience in Zero Trust Network Access (ZTNA) is an advantage.
 

Governance, Risk & Compliance
Maintain policy standards, rule certification/recertification cycles, and least‑privilege reviews.
Ensure controls meet regulatory and industry frameworks (e.g., ISO 27001, NIST 800‑53/CSF, SOC 2, PCI DSS, MAS TRM if applicable).
Document and execute disaster recovery and BCP plans for network security platforms.
 

Incident Response & Continuous Improvement
Act as an escalation point for network‑security incidents; participate in RCA, and corrective actions.
Build dashboards and metrics (utilization, block/allow, threat trends, latency) and drive continuous tuning.
Contribute to runbooks, knowledge base articles, and automation (e.g., Ansible, Terraform, Panorama, FortiManager, Cisco FMC APIs).

We are looking for a Site Reliability Engineer (SRE) to support and manage our Infrastructure-as-a-Service (IaaS) platform built on the VMware Cloud Foundation (VCF) stack. The role involves maintaining, automating, and optimizing the VCF environment, ensuring high availability, scalability, and operational efficiency

Day-to-Day Responsibilities

• Manage, operate, and optimize VMware Cloud Foundation (VCF) environments.
• Configure and maintain vCenter, ESXi clusters, and vRealize Suite components (vROps, vRA, vRLI, vRNI).
• Develop and maintain automation scripts and playbooks using Ansible and PowerCLI to streamline operations and deployments.
• Monitor system health, capacity, performance, and proactively troubleshoot infrastructure issues.
• Collaborate with Cloud, DevOps, Security, and Infrastructure teams to ensure platform reliability and compliance.
• Implement and maintain configuration management, system upgrades, and patching processes.
• Support Windows and Linux virtual machine environments, including lifecycle management and troubleshooting

Must-Have Skills & Experience

• The ideal candidate will have a strong foundation in IT infrastructure and virtualization, with proven hands-on experience managing enterprise-grade VMware environments.
• Overall IT Experience: 5–7 years of professional experience in IT infrastructure, systems, or virtualization.
• VMware Cloud Foundation (VCF): 2–3 years of experience managing and operating VCF environments, including SDDC Manager, vCenter, NSX, and vSAN integration.
• vCenter & ESXi: 3–5 years of experience in the installation, configuration, and management of vSphere environments, including HA, DRS, resource allocation, and troubleshooting.
• vRealize Suite (vROps, vRA, vRLI, vRNI): 2+ years of experience deploying, monitoring, and automating infrastructure using vRealize tools.
• Automation – Ansible: 2–3 years of experience building and maintaining automation playbooks for provisioning and configuration of infrastructure.
• Automation – PowerCLI / PowerShell: 2+ years of experience developing scripts for VMware automation and task orchestration.
• Operating Systems (Windows & Linux): 2+ years of experience performing administration, configuration, and troubleshooting of virtual machines.
• Monitoring & Troubleshooting: 3+ years of experience identifying, analyzing, and resolving issues in virtualized environments, ensuring high availability and performance.