Network Security Engineer

Source Inc.
Denver, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Denver, United States of America

Tech stack

Access Control List
API
Amazon Web Services (AWS)
Antivirus Softwares
Application Firewall
Azure
Border Gateway Protocol
Cloud Computing
Cloud Computing Security
Cluster Analysis
Computer Security
Data Centers
Network Address Translation
Firmware
Internet Protocol Security (IP SEC)
Intrusion Detection and Prevention
Intrusion Detection Systems
Virtual Private Networks (VPN)
Network Security
Log Analysis
Networking Basics
Network Monitoring
Routing
Open Shortest Path First
PCI Data Security Standards
Ansible
Zero Trust Network Access
Runbook
Security Information and Event Management
Systems Integration
Virtual Local Area Networks
Wide Area Networks
Scripting (Bash/Python/Go/Ruby)
Transport Layer Security
Google Cloud Platform
Firewalls (Computer Science)
Web Filtering
Cybercrime
Fortinet
Firewall Services Module
Terraform
Open Network Automation Platform
Vulnerability Analysis

Job description

We are seeking an experienced Senior Network Security Engineer with deep, hands-on expertise in Fortinet technologies and multi-region network security architecture. This role is responsible for the design, implementation, management, and continuous improvement of our global network security infrastructure, ensuring consistent policy enforcement, threat visibility, and operational resilience across all regional environments. The ideal candidate brings strong Fortinet platform mastery - including FortiGate, FortiManager, FortiAnalyzer, and the broader Fortinet Security Fabric - combined with broad enterprise network security experience and a security-first mindset., Design, deploy, and manage enterprise-grade Fortinet firewall infrastructure (FortiGate) across multiple geographic regions, ensuring standardized policy frameworks and localized compliance where required Administer FortiManager for centralized policy management, device provisioning, and configuration consistency across all regional firewall deployments Operate and maintain FortiAnalyzer for log aggregation, threat correlation, security event analysis, and compliance reporting across the global environment Architect and implement Fortinet Security Fabric integrations including FortiSIEM, FortiEDR, FortiNAC, and FortiSandbox to deliver cohesive, end-to-end threat detection and response capabilities Design and manage SD-WAN solutions using Fortinet SD-WAN, optimizing performance, resilience, and security for multi-site connectivity Develop, maintain, and enforce firewall security policies, access control lists, NAT rules, application control profiles, and SSL/TLS inspection policies Lead the planning and execution of multi-region firewall migrations, upgrades, and new site deployments with minimal business disruption Conduct regular firewall audits and rule-base reviews to identify and remediate policy bloat, misconfiguration, and unnecessary exposure Partner with network, cloud, and security operations teams to integrate perimeter security controls with cloud-native security services (AWS, Azure, Google Cloud Platform) and zero trust architecture initiatives Develop and maintain network security documentation including architecture diagrams, standard operating procedures, runbooks, and change management records Participate in security incident response activities, including firewall log analysis, traffic forensics, containment actions, and post-incident remediation Monitor network security posture through threat intelligence feeds, vulnerability assessments, and proactive tuning of IPS/IDS, web filtering, and antivirus profiles Collaborate with compliance and risk teams to ensure firewall configurations meet regulatory requirements (e.g., PCI-DSS, HIPAA, SOC 2, ISO 27001) Mentor junior network security engineers and serve as a subject matter expert for escalations and architectural decisions Evaluate and recommend new Fortinet capabilities, firmware releases, and adjacent technologies to strengthen the organization''s security posture, Firewall uptime and availability SLAs are consistently met across all regional deployments Policy audit findings result in measurable reduction in rule-base risk exposure and unnecessary firewall openings Multi-region deployments and migrations are executed on schedule with zero unplanned production outages Security event detection and response times improve through FortiAnalyzer tuning and integration with SIEM/SOC tools Compliance audit findings related to firewall configuration are reduced year-over-year Documentation and runbooks are current, complete, and sufficient to support knowledge transfer and operational continuity

Requirements

7+ years of enterprise network security engineering experience, including 4+ years of hands-on Fortinet firewall administration and architecture Deep expertise in FortiGate firewall configuration, policy management, HA clustering, and multi-VDOM environments Proven experience managing Fortinet deployments across multiple geographic regions or data centers with FortiManager centralized management Strong experience with FortiAnalyzer for log management, security event correlation, and compliance reporting Solid understanding of networking fundamentals: BGP, OSPF, VLAN, VPN (IPSec/SSL), QoS, and routing protocols in a multi-site environment Experience designing and implementing Fortinet SD-WAN solutions for enterprise multi-site connectivity Familiarity with zero trust network access (ZTNA) principles and implementation within the Fortinet Security Fabric Experience integrating firewall environments with cloud platforms (AWS, Azure, or Google Cloud Platform), including FortiGate-VM and cloud-native security group management Strong understanding of network security frameworks, threat modeling, and defense-in-depth architecture Experience supporting compliance and audit activities related to firewall configuration (PCI-DSS, SOC 2, HIPAA, or similar) Fortinet NSE 4 certification (minimum); NSE 5, NSE 6, or NSE 7 strongly preferred Excellent documentation, communication, and cross-functional collaboration skills, Fortinet NSE 7 - Enterprise Firewall, SD-WAN, or Network Security Architect certifications Experience with Fortinet Security Operations Center (SOC) tools including FortiSIEM and FortiSOAR Background supporting global template or network standardization programs across diverse regional environments Experience with network automation and infrastructure-as-code tooling (Ansible, Terraform, Python scripting for Fortinet APIs) Familiarity with SASE architecture and cloud-delivered security services Additional vendor certifications (CCNP Security, Palo Alto PCNSE, or equivalent) demonstrating broad network security breadth Experience in regulated industries (financial services, healthcare, manufacturing) with associated compliance obligations Background in incident response and threat hunting using network traffic analysis and firewall telemetry

Apply for this position