Network Security Engineer II

We are seeking a Network Security Engineer II to join our infrastructure team. This role requires experience in the security space for someone who can seamlessly navigate traditional hardware, software-defined networking, and advanced load-balancing solutions. You will be the primary administrator for our high-availability security stack, with a specific focus on Cisco (ASA/Firepower/ISE), Palo Alto, F5 BIG-IP, and VMware NSX.

Location: India

Responsibilities

• Lead the migration, configuration, and maintenance of Cisco ASA (Classic) and Firepower (FTD) systems, while managing a robust Palo Alto environment via Panorama.
• Design and manage F5 BIG-IP solutions, focusing on LTM (Local Traffic Manager) for load balancing and ASM/WAF (Application Security Manager) for protecting web applications.
• Implement and manage micro-segmentation policies and virtualized security services within VMware NSX (T/V) environments.
• Architect strategies to transition legacy Cisco ASA rulesets to Cisco Firepower or Palo Alto NGFWs without service disruption.
• Act as the highest escalation point for complex network outages, security breaches, or performance degradation across the global fabric.
• Provide exceptional customer support via phone and ticketing systems.
• Own level-appropriate customer requests and issues, seeing them through to resolution.
• Handle support escalations from other engineers and teams as per escalation procedures.
• Collaborate with Service Delivery Managers and Account Executives to build strong customer relationships.
• Work closely with customers during the pre-implementation phase to design and architect solutions.
• Coordinate with implementation teams to quality-check deployments and perform initial vulnerability assessments.
• Research, plan, and coordinate complex maintenance activities.
• Participate in Root Cause Analysis (RCA) exercises to drive process and technology improvements.
• Share knowledge with other administrators and engineers via documentation and training sessions.
• Contribute to the development of technical best practices.
• Prepare and review policy and process standards.
• Communicate effectively (verbal and written) with customers and internal stakeholders, including presentations.
• Be available for flexible working hours (24x7x365 coverage, including weekends and holidays).

Requirements

• Advanced knowledge of Cisco ASA (CLI/ASDM) and Firepower Threat Defense (FTD) managed via FMC.
• Deep experience with Palo Alto NGFW features (App-ID, User-ID, SSL Decryption).
• Proficiency in F5 BIG-IP, including iRules development, SSL offloading, and traffic steering.
• Hands-on experience with VMware NSX, including distributed firewalls (DFW) and edge gateways.
• Strong knowledge of TCP/IP, BGP, OSPF, and deep packet inspection.
• Candidates must hold industry-recognized certifications: CCNA Security (Required), CCNP Security (Highly Preferred), Specialist certifications in Firepower or ASA (Plus), PCNSE (Highly Preferred), F5-CTS, VCP-NV.