Network Security Engineer

Job Description

As a Network Security DevOps Engineer, you will play a critical role in designing, engineering, and managing the enterprise network security posture. You will ensure that the network infrastructure aligns with corporate security policies and standards, protecting against evolving cyber threats. This role involves operating and maintaining key security technologiessuch as firewalls, IDS/IPS, and other advanced controlswhile applying DevOps principles to drive automation, scalability, and resilience.

You will collaborate closely with network, infrastructure, application, and cybersecurity teams to support and enhance ExxonMobil's global IT services.

Key Responsibilities

Design, implement, and manage network security strategies across Data Centers, COLOs, and branch offices.

Research and recommend industry best practices and emerging technologies in network security.

Operate and maintain security appliances (Fortinet, Cisco, Juniper), including upgrades and patching.

Build and manage network security infrastructure using DevOps practices and automation tools.

Contribute to the Zero-Ops vision by developing solutions that reduce manual intervention and improve operational efficiency.

Support security operations: monitoring, analysis, incident response, and vulnerability management.

Evaluate security advisories and vulnerabilities, providing timely recommendations and mitigations.

Participate in ad-hoc vulnerability assessments and response planning.

Coordinate with stakeholders across Cybersecurity, Projects, and internal customers.

Develop and maintain operational processes and documentation for ongoing support and hygiene.

Qualifications

Minimum 3 years of hands-on experience in network security.

Proficient with security platforms: Cisco ASA (CSM), FTD (FMC), FortiGate (FortiManager), Juniper SRX (Junos Space).

Strong understanding of networking fundamentals: TCP/IP, OSI model, routing/switching, ACLs.

Familiarity with security technologies: firewalls, VPNs, IDS/IPS, encryption, authentication, vulnerability management, and incident response.