Principal Network Engineer

Fmr LLC
Westlake, United States of America
11 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Westlake, United States of America

Tech stack

Access Network
API
Amazon Web Services (AWS)
Azure
Cloud Computing
Cloud Database
Configuration Management Databases
Data Centers
Linux
Python
Network Security
Windows Server
Routing
Network Segmentation
Powershell
Akamai
Zero Trust Network Access
Security Information and Event Management
TCP/IP
Traffic Analysis
Scripting (Bash/Python/Go/Ruby)
Google Cloud Platform
System Availability
Multi-Cloud
Firewalls (Computer Science)
Juniper
Data Center Networking
Kubernetes
Cisco networks
ServiceNow

Job description

We are seeking an experienced Network Engineer to support a data center network segmentation initiative focused on implementing micro segmentation and Zero Trust architecture. The role involves designing, deploying, and optimizing segmentation policies using Segmentation platforms. You will be part of the team that leads the strategic shift from traditional flat networks to highly secure, micro-segmented environments across on-premises data centers, global offices, and multi-cloud infrastructure.

You will work closely with security, infrastructure, and application teams to improve east-west traffic visibility, reduce attack surface, and enforce least-privilege communication., Design and Architecture

  • Design and implement network segmentation and micro segmentation strategies across data center environments
  • Develop Zero Trust network architectures aligned with enterprise security policies
  • Define segmentation models (application-centric, environment-based, etc.)

Implementation

  • Deploy and configure:
  • Segmentation Platforms across On-Prem and Cloud Data Centers
  • Create and enforce security policies for east-west traffic
  • Integrate segmentation tooling with:
  • Firewalls
  • SIEM/SOAR platforms
  • CMDB / asset inventory systems

Traffic Analysis and Policy Creation

  • Analyze application dependencies and traffic flows
  • Build and validate allow/deny rules and segmentation policies
  • Support policy simulation, testing, and enforcement phases

Operations and Optimization

  • Monitor segmentation effectiveness and tune policies
  • Troubleshoot connectivity issues related to segmentation enforcement
  • Ensure high availability and scalability of segmentation deployments

Collaboration

  • Partner with:
  • Application owners
  • Security teams
  • Infrastructure/Cloud teams
  • Drive workshops and onboarding sessions for segmentation adoption

Requirements

Do you have experience in Zero trust architecture design?, * 7 - 10 plus years of experience in:

  • Network engineering
  • Data center networking
  • Prior experience in large-scale segmentation or migration projects
  • Hands-on experience with Segmentation platforms (Illumio, Guardicore (Akamai), Cisco Secure Workload/Tetration)
  • Strong understanding of:
  • Networking: Cisco, HP, Arista, Palo Alto, Check Point, Juniper
  • TCP/IP, routing, switching
  • Firewalls and ACLs
  • Network security principles
  • Experience with:
  • Application dependency mapping
  • East-west traffic inspection
  • Experience with Enterprise Security:
  • Strong understanding of Zero-Trust Network Access (ZTNA), Secure Access Service Edge (SASE) architectures, and stateful firewalling.
  • Experience with:
  • Cloud platforms (AWS, Azure, GCP)
  • Kubernetes / container networking
  • Scripting/automation skills:
  • Python, PowerShell, or APIs
  • Experience CMDB Tools and Technologies (ServiceNow)
  • Familiarity with Linux and Windows server environments
  • Experience working in financial services or highly regulated environments

Apply for this position