Principal Network Engineer
Role details
Job location
Tech stack
Job description
We are seeking an experienced Network Engineer to support a data center network segmentation initiative focused on implementing micro segmentation and Zero Trust architecture. The role involves designing, deploying, and optimizing segmentation policies using Segmentation platforms. You will be part of the team that leads the strategic shift from traditional flat networks to highly secure, micro-segmented environments across on-premises data centers, global offices, and multi-cloud infrastructure.
You will work closely with security, infrastructure, and application teams to improve east-west traffic visibility, reduce attack surface, and enforce least-privilege communication., Design and Architecture
- Design and implement network segmentation and micro segmentation strategies across data center environments
- Develop Zero Trust network architectures aligned with enterprise security policies
- Define segmentation models (application-centric, environment-based, etc.)
Implementation
- Deploy and configure:
- Segmentation Platforms across On-Prem and Cloud Data Centers
- Create and enforce security policies for east-west traffic
- Integrate segmentation tooling with:
- Firewalls
- SIEM/SOAR platforms
- CMDB / asset inventory systems
Traffic Analysis and Policy Creation
- Analyze application dependencies and traffic flows
- Build and validate allow/deny rules and segmentation policies
- Support policy simulation, testing, and enforcement phases
Operations and Optimization
- Monitor segmentation effectiveness and tune policies
- Troubleshoot connectivity issues related to segmentation enforcement
- Ensure high availability and scalability of segmentation deployments
Collaboration
- Partner with:
- Application owners
- Security teams
- Infrastructure/Cloud teams
- Drive workshops and onboarding sessions for segmentation adoption
Requirements
Do you have experience in Zero trust architecture design?, * 7 - 10 plus years of experience in:
- Network engineering
- Data center networking
- Prior experience in large-scale segmentation or migration projects
- Hands-on experience with Segmentation platforms (Illumio, Guardicore (Akamai), Cisco Secure Workload/Tetration)
- Strong understanding of:
- Networking: Cisco, HP, Arista, Palo Alto, Check Point, Juniper
- TCP/IP, routing, switching
- Firewalls and ACLs
- Network security principles
- Experience with:
- Application dependency mapping
- East-west traffic inspection
- Experience with Enterprise Security:
- Strong understanding of Zero-Trust Network Access (ZTNA), Secure Access Service Edge (SASE) architectures, and stateful firewalling.
- Experience with:
- Cloud platforms (AWS, Azure, GCP)
- Kubernetes / container networking
- Scripting/automation skills:
- Python, PowerShell, or APIs
- Experience CMDB Tools and Technologies (ServiceNow)
- Familiarity with Linux and Windows server environments
- Experience working in financial services or highly regulated environments