Network Security Engineer

Network and Security Engineer. This role provides advanced technical and engineering experience to support network and security solutions throughout the firm., * Design, implement, and maintain secure network architectures aligned with Zero Trust principles, firm policies and regulatory requirements.

• Design, implement, and maintain enterprise network architecture, including LAN, WAN, SD-WAN, Wi-Fi, and Azure.
• Actively support the firm's ISO 27001 Information Security Management System, including implementation, maintenance, and continual improvement of information security controls.
• Working closely with cybersecurity vendors deploying, configuring, and managing firewalls, Core network infrastructure, IDS/IPS, DLP, PKI, network monitoring, alerting, and intrusion detection.
• Control and monitor traffic flows and enforce least-privilege access
• Administer multi-factor authentication (MFA), enterprise authentication (SAML/SSO), and content monitoring/filtering.
• Administer and maintain endpoint detection and response (EDR) platforms.
• Ensure consistent endpoint security policy enforcement across all managed devices
• Conduct regular vulnerability scans across network, systems, and applications.

In addition to the essential functions and duties listed above, all positions are also responsible for:

• Meeting firm standards pertaining to quantity and quality of work performed on an ongoing basis, performing all work-related tasks in a manner that is in compliance with all firm policies and procedures.

• 6+ years of hands-on network and security engineering experience, * Associates, Technical School or bachelor's degree in computer science/information technology, * Minimum of 4 years of hands-on experience in security engineering, security architecture, or a similar role
• Strong background across routing, switching, and data center networking
• Deep understanding of protocols and architecture (BGP, ACLS, 802.1X, etc.)
• Wireless network design, implementation, and troubleshooting.
• Solid foundation in core security principles, including network security, application security, identity and access management (IAM), data encryption, vulnerability management, and incident response.
• Proven experience designing and implementing security architecture across Microsoft Azure, M365 and on-premises environments.
• Hands-on experience with enterprise security platforms including CrowdStrike, Tenable One, Sumo Logic, Egress, Microsoft Purview and Microsoft Defender.
• Strong analytical and problem-solving with the ability to proactively identify, assess, and mitigate security risks.
• Excellent verbal and written communication skills with the ability to collaborate effectively across technical and non-technical teams

Licenses & Certifications

• CCNP, CISSP, CISM, CCSP, or similar certification desired