L2 Network Security Engineer

Location:

Role Overview

skilled and proactive L2 Network Security Engineer

maintaining, monitoring, and enhancing the security posture

implementation, administration, and troubleshooting

firewalls, VPNs, IDS/IPS, and SIEM tools

incident response

Key Responsibilities

• Security Device Management
• Configure, deploy, and administer firewalls (e.g., Palo Alto Networks, Cisco ASA, Fortinet, Check Point), IDS/IPS, VPN gateways, and other network security appliances.
• Perform routine maintenance, including firmware upgrades, patching, and health checks of security devices.
• Maintain detailed documentation of configurations, policies, and operational procedures.
• Monitoring & Alerting
• Monitor security alerts and logs using SIEM tools (e.g., Splunk, QRadar, ArcSight) to detect and investigate anomalies.
• Analyze alerts, correlate events, and escalate incidents as per defined SOPs.
• Develop and optimize monitoring rules, correlation policies, and dashboards to enhance visibility and detection.
• Incident Response & Troubleshooting
• Serve as a primary escalation point for L1 security incidents and ensure timely resolution.
• Troubleshoot complex network security issues, including connectivity, access control, and policy conflicts.
• Collaborate with Network Operations and Infrastructure teams to remediate cross-functional security issues.
• Policy & Compliance
• Assist in the implementation and enforcement of network security policies, standards, and procedures.
• Ensure adherence to compliance frameworks such as ISO 27001, NIST, and GDPR.
• Execute configuration changes through established change management processes.
• Vulnerability Management
• Participate in vulnerability assessments and penetration testing activities.
• Support remediation efforts by coordinating with relevant teams and tracking closure.
• Documentation & Reporting
• Create and maintain comprehensive documentation on network security designs, incident handling, and device configurations.
• Prepare regular reports on incidents, vulnerabilities, and overall security posture for management review.
• Collaboration & Training
• Work closely with L1 and L3 teams to ensure seamless operations and effective knowledge transfer.
• Provide mentorship, guidance, and technical training to junior staff.
• Stay updated with emerging threats, vulnerabilities, and security technologies.
  

Qualifications And Skills

Education

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Equivalent work experience and certifications may be considered.
  

Experience

• 6–10 years of hands-on experience in network security engineering or administration.
• Strong experience managing enterprise firewalls (Palo Alto, Cisco ASA, Fortinet, Check Point).
• Hands-on experience with IDS/IPS, VPNs, and endpoint security technologies.
• Familiarity with network protocols (TCP/IP, DNS, HTTP/S, UDP) and routing protocols (OSPF, BGP).
• Exposure to SIEM solutions such as Splunk, QRadar, or ArcSight (preferred).
  

Technical Skills

• Deep understanding of network security concepts — access control, segmentation, encryption, threat detection, and incident response.
• Proficiency in analyzing network traffic and interpreting security logs.
• Scripting knowledge (Python, PowerShell) for automation is a plus.
• Hands-on experience with VPN technologies, firewall policies, and rule optimization.
  

Certifications (Preferred)

• CCNA (Cisco Certified Network Associate) or equivalent certification.
• CompTIA Security+, Palo Alto PCNSA, Fortinet NSE, or Checkpoint CCSA (added advantage).
• ITIL Foundation Certification preferred.
  

Soft Skills

• Strong analytical, troubleshooting, and decision-making capabilities.
• Excellent communication and interpersonal skills.
• Ability to work under pressure and within 24x7 operational environments.
• Strong sense of ownership, accountability, and attention to detail.