Senior Network, Security & AWS Cloud Engineer

Fully knowledgeable in the day-to-day operations of enterprise network, cybersecurity, and AWS cloud environments. Resolves complex issues requiring expertise in interpreting policies, security frameworks, and operational guidelines. Acts as a subject matter expert across networking, firewall security, and cloud infrastructure. Focuses on hands-on operational execution while contributing to strategic planning and implementing new projects. May manage or mentor junior staff and collaborate closely with operations and security teams. Your Duties and Responsibilities:

• Manages and maintains Fortinet firewalls and Cisco switches across corporate offices and data centers, including firewall policy conversion, rule optimization, and traffic validation.
• Designs, optimizes, and audits firewall rule sets aligned with NIST, CIS Benchmarks, and internal security standards.
• Performs cybersecurity audits, identifies security gaps, and leads remediation efforts to meet regulatory and organizational requirements.
• Design and optimizes network architectures to improve performance, reduce latency, and ensure scalability and resiliency.
• Configures and troubleshoots routing protocols including MPLS, EIGRP, BGP, and OSPF across enterprise and cloud environments.
• Administers and supports Cisco ISE for network access control and policy enforcement.
• Designs, implements, and troubleshoots NAT configurations (Static NAT, Dynamic NAT, PAT).
• Implements and supports WAN solutions, including policy-based traffic steering, failover mechanisms, and performance troubleshooting.
• Administers cloud security and Zero Trust architecture, including secure web access, proxy configurations, and remote user access controls.
• Manages AWS networking and security services, including VPC design, security groups, NACLs, VPNs, and monitoring/logging integrations.
• Implements and maintain threat protection controls, including DDoS mitigation, IDS/IPS, and collaborates with SOC teams for incident response.
• Leads advanced troubleshooting efforts using packet captures, log analysis, and performance diagnostics.
• Collaborate with vendors such as Cisco, Fortinet, KEMP, and AWS to resolve complex networking and security issues.
• Administers CyberArk Privileged Access Management (PAM), including credential vaulting, access policies, and compliance enforcement.
• Develops and maintains technical documentation, including firewall rules, network diagrams, and audit evidence.
• Creates automation scripts using Python, Bash, or PowerShell to improve operational efficiency and streamline audits.
• Works closely with IT Operation teams, providing technical guidance while remaining hands-on in engineering and troubleshooting.
• Support infrastructure technologies such as VMware vSphere, Windows Server, Active Directory, and enterprise storage (NetApp, Pure) (preferred).
• Engineer and implement new infrastructure and security solutions.
• Perform system upgrades, patching, and routine maintenance activities.
• Update procedures and documentation in response to system and environmental changes.
• Assist in planning and executing disaster recovery (DR) tests.
• Perform additional duties as assigned by management.

Do you have experience in Windows support?, * 7+ years of experience in network engineering and cybersecurity.

• Strong expertise in Fortinet firewalls and Cisco networking technologies.
• Advanced knowledge of routing protocols (BGP, OSPF, EIGRP, MPLS).
• Hands-on experience with AWS networking and cloud security services.
• Deep understanding of network security principles, Zero Trust architecture, and compliance frameworks (NIST, CIS Benchmarks).
• Experience with Cisco ISE and CyberArk PAM solutions.
• Strong knowledge of NAT, VPNs, WAN technologies, and high availability design.
• Advanced troubleshooting skills using packet capture tools and log analysis.
• Experience with automation scripting (Python, Bash, PowerShell).
• Working knowledge of Microsoft Windows Server (2016-2025) and Active Directory.
• Familiarity with VMware ESXi / vSphere 8.x or higher, and Storage technology.
• Experience with data center infrastructure, hybrid cloud environments, and disaster recovery planning.
• Strong organizational, analytical, and multitasking capabilities.
• Proven project management and execution skills.

3.13.1 out of 5 stars 1251 Ave Of The Americas, New York, NY 10020 Hybrid work $160,000 - $200,000 a year - Full-time, Pulled from the full job description

• Tuition reimbursement
• 401(k)
• Health insurance
• Paid time off
• Vision insurance
• Health savings account
• Dental insurance

Sumitomo Mitsui Trust Bank, Limited was established through the merger of The Sumitomo Trust and Banking Co., Ltd with Chuo Mitsui Trust and Banking, Ltd. on April 1, 2012. We are one of the largest asset managers in Asia and number one among Japanese financial institutions by AUM, with approximately $850 Billion USD in AUM. The Bank provides an assortment of financial solutions and manages a broad spectrum of financial products across its global branches., The Americas Division ("AD") was established in the Sumitomo Mitsui Trust Bank, Limited, New York Branch) ("SMTBNY") to perform corporate functions and supervise U.S. entities. Established under the AD are the "Global Banking Unit ("GBU"), Americas Division" and "Global Markets Unit ("GMU"), Americas Division" which performs business functions. The Information Technology Department ("ITD") provides the users of the Branch's information systems with sufficient and appropriate system resources and functionality to complete their day-to-day business and keeps security and consistency of the important information that is stored in the systems., We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law. SuMi Trust provides reasonable accommodations for employees and applicants with disabilities consistent with applicable law. If you need a reasonable accommodation during the application