Senior Security & Network Engineer
Role details
Job location
Tech stack
Job description
We are seeking a Senior SecurityNetwork Engineer to assist with the design, implementation, and support a hybrid infrastructure spanning Azure cloud networking, Microsoft security platforms, and on-premises enterprise networks. This role is responsible for working as part of a team that will ensure secure, scalable, and resilient connectivity across offices, jobsites, and cloud environments, with a strong focus on Fortinet firewall management, Azure networking architecture, SD-WAN, and Microsoft security controls. The ideal candidate will also play a key role in ensuring alignment with CMMC requirements and NIST 800-171 standards, maintaining policies and controls that protect sensitive data and support regulatory compliance.Key Responsibilities Azure NetworkingCloud Infrastructure
- Design, deploy, and maintain Azure networking architectures, including:
- Virtual Networks (VNets), subnets, and peering
- Azure Firewall, NSGs, and routing tables
- VPN gateways and hybrid connectivity (site-to-site and point-to-site)
- Support and optimize Azure landing zones and network segmentation
- Ensure secure connectivity between on-prem environments, jobsites, and Azure workloads
- Monitor performance, availability, and cost optimization of Azure network resources
Enterprise NetworkingJobsite Connectivity
- Manage and support LAN/WAN infrastructure across corporate offices, plants, and jobsites
- Design and implement secure, scalable jobsite connectivity solutions, including temporary and mobile deployments
- Support and evolve SD-WAN architecture to improve reliability, performance, and centralized management
- Configure and maintain:
- Core switching and routing
- VLAN segmentation and IP addressing strategy
- Wireless and remote site connectivity
- Troubleshoot complex connectivity, latency, and routing issues across distributed environments
FirewallSecurity Infrastructure
- Design, implement, and manage Fortinet firewall solutions, including:
- Policy management, rule optimization, and segmentation
- VPN configuration and troubleshooting
- IDS/IPS and secure access enforcement
- Administer and support Fortinet ecosystem components (FortiGate, FortiClient, EMS, SD-WAN capabilities)
- Implement and manage Microsoft security technologies, including:
- Microsoft Defender (endpoint, identity, and cloud protection)
- Entra ID (Azure AD), Conditional Access, and identity governance
- Microsoft Purview for data protection and classification
- Enforce Zero Trust principles, least privilege access, and network segmentation strategies
Security, ComplianceCMMC Alignment
- Assist with implementation and maintenance of technical controls supporting CMMC and NIST SP 800-171 requirements
- Support audits, assessments, and evidence collection for CMMC and other regulatory frameworks
- Collaborate with security leadership to continuously improve cybersecurity posture and risk management
- Participate in incident response, threat monitoring, and vulnerability remediation efforts
OperationsCollaboration
- Work closely with IT leadership and cross-functional teams to support business-critical systems and field operations
- Participate in infrastructure planning, including Azure expansion and new site deployments
- Provide escalation support for networking and security incidents
- Maintain network diagrams, security documentation, and configuration standards
- Identify opportunities for automation, standardization, and operational efficiency
Requirements
Do you have experience in Zero trust architecture design?, * A minimum of 7 years of experience in network engineering and security
- Hands-on expertise with:
- Azure networking (VNets, VPNs, routing, firewall)
- Fortinet firewalls (FortiGate required)
- Enterprise LAN/WAN and distributed environments
- Strong understanding of:
- TCP/IP, routing protocols, and segmentation
- VPN technologies and secure remote access
- Zero Trust architecture principles
- Experience supporting regulatory frameworks (NIST 800-171, CMMC, or similar)
- Experience with the Microsoft Security Suite(Defender, MDO, Purview, and Sentinel)
- Proven ability to troubleshoot complex hybrid (cloud + on-prem + field) environments
Preferred Qualifications
- Certifications (preferred):
- Azure Network Engineer Associate
- CISSP, CCNP, or equivalent
- Experience with:
- SD-WAN design and deployment (Fortinet preferred)
- Ubiquiti WiFi
- Construction or distributed workforce environments
- Network monitoring, SIEM, or observability tools
- Intune and endpoint management
- Vulnerability management, remediation workflows, and security hardening
- Infrastructure-as-Code
Success Measures
- Reliable, secure connectivity across all offices, jobsites, and Azure environments
- Strong compliance posture with NIST 800-171 and CMMC controls actively maintained
- Effective SD-WAN and firewall management improving performance and security
- Reduced incident response times and improved threat visibility
- Scalable, repeatable infrastructure designs with clear documentation
Benefits & conditions
Pulled from the full job description
- Health insurance
- 401(k) matching
- Vision insurance
- Dental insurance
- Free parking
- Profit sharing
- Paid holidays, We offer an outstanding compensation and benefits package that includes medical, dental, and vision insurance; 401(k) with company match and exceptional profit-sharing plan; annual performance bonus eligibility; free employee parking.