Network Security Engineer

1. Job Description :

The Global Network Security (NetSec) Policy Engineer is responsible for governing, defining, and enforcing enterprise-wide network security policies and standards across global environments (on-premise and cloud).

The engineer will provide services as an initial entry point for customer's network security requests and coordinating delivery of requests with the appropriate security controls, the key components of the role are to define and support policies to enforce security required and best practices for external connections and for firewalls, stewards and maintains relationships with appropriate owners of connections to ensure controls and risks are appropriate understood and mitigated.

The role focuses on policy port opening request approval, policy governance, security risk assessment, firewall and external connectivity control, lifecycle management of network connections, and continuous improvement of security processes through automation and standardization.

The candidate will utilize strong communication skills as well as enterprise level understanding of network and security technologies to deliver solutions that are both technically sound and supportable.

2.Job Responsibilities :

Governance & Policy Management

Define, maintain, and enforce Global Network Security Required & Best Practices.

Perform periodic certification and re-certification of regional and global network connections in accordance with corporate and regulatory guidelines.

Ensure external connectivity, firewall rules, and network segmentation adhere to security standards and risk appetite.

Maintain documented policies, standards, and control frameworks aligned with enterprise security governance.

Request & Change Management

Serve as the initial intake point for network security requests (e.g., firewall rules, external connections, VPN, cloud connectivity).

Coordinate implementation with Network Service Providers and relevant infrastructure teams.

Participate in Port Opening Review Committees and provide formal security approval to implement endorsed requests.

Reviewing projects to ensure that new projects identify any potential network security issues that need to be addressed early in the project life cycle to ensure security requirements are embedded early in project lifecycle (shift-left security approach).

Risk & Compliance

Conduct security risk assessments for new and existing network connections.

Act as the NetSec interface for penetration testing, PCI assessments, and internal/external audits.

Identify control gaps and drive remediation actions with accountable teams.

Support regulatory and compliance requirements (e.g., PCI-DSS, ISO, internal security frameworks).

Consulting with the business on network security issues and participating in formal controls assessments.

Cloud & Modern Network Security

Review and govern AWS/Azure connectivity, hybrid networking, and cloud firewall implementations.

Ensure secure design for SD-WAN, VPN, remote access, and zero-trust related initiatives.

Collaborate with DevOps teams to integrate security controls into CI/CD and infrastructure automation pipelines.

Process Improvement & Automation

Drive automation and standardization of firewall rule reviews, recertification processes, and reporting.

Utilize tools such as ServiceNow, AlgoSec, Splunk, Terraform, or equivalent platforms to improve operational efficiency.

Develop dashboards and reporting metrics for management visibility.

Stakeholder Engagement

Provide consultation to business units on network security requirements and risk mitigation.

Communicate technical risks in business-friendly language to global stakeholders.

Collaborate across regions and time zones as part of a global governance model.

3.Primary skill set :-

1. Enterprise Network Security & Firewall Governance

Deep understanding of firewall technologies (Cisco ASA, Fortinet, Palo Alto or equivalent)

IPS/IDS, VPN, network segmentation, external connectivity controls

Firewall rule lifecycle management & recertification processes

2. Network Architecture & Protocol Knowledge

Strong understanding of TCP/IP, OSI model, DNS, DHCP

Routing & Switching (L2/L3), WAN/LAN concepts

Dynamic routing protocols and secure network design principles

3. Security Risk & Policy Governance

Experience in defining and enforcing security standards and best practices

Risk assessment methodology for network changes

Understanding of compliance frameworks