Network Engineer - Firewall Security
Role details
Job location
Tech stack
Job description
UMG is seeking an experienced Network Engineer - Firewall Security to join our Global Network Infrastructure team. This role plays a critical part in UMG's Global Security and Cybersecurity strategy by designing, standardizing, and operating enterprise firewall and perimeter security platforms.
The ideal candidate will have deep hands-on experience with next-generation firewall technologies, a strong focus on security standardization, and the ability to partner closely with Cybersecurity and Infrastructure teams in a global enterprise environment.
Key Responsibilities
- Design, deploy, and support enterprise firewall and perimeter security solutions
- Build, implement and maintain security controls aligned with Zero Trust and least-privilege principles
- Lead standardization efforts across firewall platforms and configurations
- Define and maintain Network Access Control (NAC) strategy, standards, and architectures (Cisco ISE) to support secure enterprise access
- Design, implement, and operationalize NAC policy including authentication/authorization, device profiling, and identity-based segmentation enforcement
- Own network security logging and telemetry strategy for firewall and NAC controls, including log scope, retention, access controls, and audit readiness
- Design and implement logging methods and systems (e.g., syslog, API-based ingestion, cloud-native logging) to onboard network security events into the enterprise SIEM for monitoring and incident response
- Partner with the SOC to define alerts, dashboards, and investigation workflows based on firewall and NAC security logs
- Perform security assessments and contribute to risk reduction initiatives
- Serve as an escalation point for complex firewall and network security issues
- Maintain network security standards documentation, configuration standards, and operational runbooks
- Participate in technology evaluations and security architecture reviews
- Ensure adherence to change, incident, and problem management processes
Requirements
Required:
- 5+ years of overall IT experience
- 3+ years in firewall or network security engineering roles
- Experience with firewall concepts and implementations, preferably Palo Alto Networks firewalls
- Experience with Network Access Control (NAC) concepts and implementations, preferably Cisco Identity Services Engine (ISE)
- Working knowledge of AAA and secure access methods including 802.1X and RADIUS/EAP; familiarity with certificate-based authentication and PKI dependencies
- Experience designing and operating security logging for network security controls, including log source onboarding, normalization, retention, and integration with SIEM platforms
- Solid understanding of IP networking, routing, and security fundamentals
- Experience working in large, global, or regulated environments
- Strong communication and documentation skills
Preferred:
- Security certifications such as CCNP Security, PCNSE, or equivalent
- Familiarity with Zero Trust, network segmentation, and security governance frameworks
- Experience supporting audits, compliance, or regulatory requirements
Benefits & conditions
Pulled from the full job description
- Annual leave
- Employee discount
- Employee assistance programme
- Company pension
- Private medical insurance
- Cycle to work scheme
- Season ticket loan, * Group Personal Pension Scheme (between 3% and 9%)
- Private Medical Insurance
- 25 paid days of annual leave
- Interest Free Season Ticket Loan
- Holiday Purchase scheme
- Dental and Travel Insurance options
- Cycle to Work Scheme
- Salary Sacrifice Cars
- Subsidised Gym Membership
- Employee Discounts (Reward Gateway)
Just So You Know…
The company presents this job description as a guide to the major areas and duties for which the jobholder is accountable. However, the business operates in an environment that demands change and the jobholder's specific responsibilities and activities will vary and develop. Therefore, the job description should be seen as indicative and not as a permanent, definitive, and exhaustive statement.