Senior Network Security Engineer page is loaded

Senior Network Security Engineer

Solicitar locations Estados Unidos, Connecticut, Orange posted on Publicado hace 2 días time left to apply Fecha final: 19 de marzo de 2025 (Quedan 4 días para realizar la solicitud) job requisition id R-15346

Job Title: Senior Network Security Engineer

Department: Information Technology

Reports to: Director - Network Technology
Location: In Office , Orange CT

The base salary range for this position is dependent upon experience and location, ranging from: $114,332.80 - $142,916

Job Summary

We are seeking a highly skilled Senior Network Security Engineer to join our team and play a key role in securing, optimizing, and transforming our enterprise network infrastructure. The ideal candidate will have deep expertise in firewall security, NAT, IPSEC, SD-WAN, routing protocols (EIGRP, BGP, OSPF), and cloud security solutions. This position will focus on managing and enhancing our security infrastructure, which includes:

• Cisco ASA, Checkpoint, Fortinet FortiGate, Palo Alto Firewalls.
• Radware for DDoS protection.
• Zscaler ZIA/ZPA for cloud security.
• SD-WAN for optimized global connectivity.
• EIGRP, BGP, and OSPF-based network routing.
• NAT policy design and implementation.

A key initiative for this role is leading the migration from Checkpoint to Fortinet firewalls while ensuring seamless network security operations. Additionally, the engineer will support and enhance our SD-WAN deployment for optimized global connectivity and application performance.

Key Responsibilities

• Lead the migration from Checkpoint to Fortinet, including policy conversion, rule optimization, and traffic validation.
• Manage and maintain Cisco ASA, Palo Alto, Fortinet, and Checkpoint firewalls across corporate, cloud, and remote sites.
• Design and optimize firewall rule sets for improved security, performance, and compliance.
• Perform risk assessments and firewall audits to ensure network security best practices.
• Manage and optimize SD-WAN architecture to improve application performance and reduce latency.
• Implement policy-based traffic steering, failover mechanisms, and WAN optimization.
• Ensure seamless integration between SD-WAN, firewalls, cloud security solutions, and on-prem networks.
• Troubleshoot SD-WAN performance issues, routing conflicts, and connectivity problems.
• Work with network and security engineers to ensure secure connectivity between on-premises, branch locations, and cloud.
• Design and implement NAT policies, including static NAT, dynamic NAT, and PAT (Port Address Translation).
• Configure and troubleshoot EIGRP, BGP, and OSPF for enterprise and cloud routing.
• Optimize routing policies to ensure high availability, redundancy, and performance.
• Work closely with the network engineering team to enhance SD-WAN, inter-site, and cloud connectivity.
• Administer and optimize Zscaler ZIA/ZPA solutions for secure cloud access and web filtering.
• Implement zero-trust security policies for cloud applications and remote users.
• Troubleshoot Zscaler tunnels, proxy configurations, and application access issues.
• Implement and maintain Radware DDoS protection to safeguard network infrastructure from volumetric and application-layer attacks.
• Configure IPS/IDS solutions to detect and mitigate security threats.
• Work with SOC teams to analyze and respond to security incidents.
• Lead firewall, SD-WAN, NAT, and routing issue troubleshooting affecting business-critical applications.
• Perform packet capture analysis and use security logs to diagnose network issues.
• Work with vendors (Cisco, Fortinet, Palo Alto, Zscaler) to resolve complex technical issues.
• Develop and enforce firewall and network security policies in compliance with NIST, CIS benchmarks, and ISO 27001 standards.
• Conduct regular security audits and risk assessments.
• Maintain up-to-date documentation of firewall rules, SD-WAN policies, and security configurations.
• Develop scripts (Python, Bash, PowerShell) for automating firewall audits and SD-WAN policy updates.
• Optimize firewall and SD-WAN policies to reduce latency and improve efficiency.
• Implement network automation frameworks to streamline security operations.

Required Skills & Experience

• 5-8 years of experience in network security engineering.
• Expertise in Fortinet FortiGate, Checkpoint, Palo Alto, and Cisco ASA firewalls.
• Strong knowledge of SD-WAN solutions (Fortinet SD-WAN, Cisco SD-WAN, Prisma Access).
• Experience configuring and troubleshooting EIGRP, BGP, and OSPF routing protocols.
• Hands-on experience managing Zscaler ZIA/ZPA for cloud security.
• Proficiency in VPN technologies (IPSec, SSL, GRE, DMVPN, L2TP) and their security implications.
• Strong skills in NAT, firewall rule optimization, and routing table analysis.
• Experience with Radware DDoS protection, IPS/IDS, and threat mitigation.
• Knowledge of zero-trust security architectures and secure SD-WAN implementation.
• Strong analytical skills for troubleshooting network security issues, including packet captures and firewall logs.

Preferred Qualifications

• Certifications : Fortinet NSE 4/7, Checkpoint CCSA/CCSE, Palo Alto PCNSA/PCNSE, Cisco CCNP Security, Zscaler ZCCP, SD-WAN certifications.
• Experience with AWS, Azure, and GCP cloud security best practices.
• Familiarity with SIEM solutions for security event monitoring.
• Experience automating security tasks using Python, Ansible, or Terraform.

Company: AVANGRID MANAGEMENT COMPANY, LLC.

Información Movilidad
Tenga en cuenta que cualquier solicitante que no sea ciudadano del país de la vacante estará sujeto al cumplimiento de los requisitos de inmigración aplicables para trabajar legalmente en ese país.

Las prácticas y políticas de empleo de AVANGRID están orientadas a la contratación de una plantilla diversa y al mantenimiento de una cultura inclusiva.
En AVANGRID ofrecemos oportunidades de empleo y promoción justas y equitativas a todos los empleados y candidatos independientemente de su raza, color, religión, nacionalidad, sexo, orientación sexual, edad, estado civil, discapacidad, condición de veterano protegido o cualquier otra condición protegida por la legislación federal, estatal o local. Obtenga más información sobre igualdad en el empleo en este enlace.

Si usted es una persona con una discapacidad o un veterano discapacitado que no puede utilizar nuestra herramienta en línea para buscar o aplicar a un empleo, puede solicitar una adaptación razonable poniéndose en contacto con nuestro departamento de Recursos Humanos en el 203-499-2777 o en

March-19-2025

Avangrid is a leading sustainable energy company transitioning America toward a clean and connected future. Headquartered in Orange, CT, Avangrid has a footprint in 24 states with $41 billion in assets. Our primary businesses are Networks, which serves 3.3 million electric and natural gas customers in the Northeast, as well as Renewables which is the third-largest renewable energy company in the U.S. with a diverse onshore and offshore renewable energy portfolio. With more than 8,000 employees, Avangrid has built a culture that blends diversity, equity and inclusion guided by the company’s ESG+F framework and the UN Sustainable Development Goals. This has led to recognition by JUST Capital for four consecutive years and, in 2024, we achieved an overall 12th place out of 937 companies and #1 in the utility sector thus demonstrating our commitment to the environment and the communities we serve. Avangrid has also been named one of the World’s Most Ethical Companies for five consecutive years by the Ethisphere Institute.