Role: L3 Network Security Engineer
Department: Cybersecurity / Infrastructure Security Operations
Location: (Specify)
Experience: 5–10 Years
Type: Full-Time
Role Overview
This role requires a senior, infrastructure-heavy L3 Security Engineer responsible for advanced operational management and troubleshooting of network firewalls, IDS/IPS, WAF, proxies, and secure email gateways. The engineer will act as the final technical escalation point for critical network security issues and play a key role in maintaining and optimizing the enterprise security infrastructure. The ideal candidate must have deep hands-on experience with security appliances and tools, strong analytical skills, and the ability to support SOC teams with L3-level investigations.
Key Responsibilities
- L3 Operational Support
  - Serve as the L3 escalation point for network security infrastructure issues.
  - Handle advanced troubleshooting and deep-dive analysis for:
    - Firewalls (rules, NAT, VPNs, routing issues)
    - IDS/IPS (signature tuning, alert analysis)
    - WAF (policies, false-positive reduction, rule adjustments)
    - Proxy solutions (URL filtering, SSL interception, policy enforcement)
    - Email gateways (anti-phishing, anti-spam, delivery issues)
  - Perform system health checks, upgrades, patches, and configuration audits.
- Infrastructure Management
  - Ensure the stability, performance, and security of the following systems:
    - Enterprise firewalls
    - IPS/IDS platforms
    - WAF appliances or cloud-based WAF
    - Proxy servers or cloud proxies
    - Secure Email Gateways
  - Monitor utilization, performance metrics, HA configurations, and redundancy.
- Policy & Configuration Management
  - Review and optimize firewall, IPS, and proxy policies.
  - Manage and evaluate change requests for infrastructure modifications.
  - Apply best practices for access control, segmentation, and zero-trust implementation.
- Incident Response Support (L3)
  - Support SOC teams by analyzing security events from infra devices.
  - Participate in incident bridge calls for major security issues.
  - Conduct root cause analysis (RCA) after incidents related to infrastructure components.
- Threat Detection & Tuning
  - Tune firewall, IDS/IPS, WAF, and proxy rules to reduce false positives.
  - Enhance detection coverage and strengthen security controls.
  - Perform traffic analysis using logs, packet captures, and monitoring tools.
- Documentation & Reporting
  - Maintain complete documentation of infrastructure components and configurations.
  - Prepare operational reports, incident summaries, and RCA documents.
  - Keep knowledge base updated for L1/L2 teams.
Required Technical Skills
Core Expertise (Mandatory)
- Strong hands-on experience with:
  - Next-Gen Firewalls (Cisco ASA/FTD, Palo Alto, Check Point, Fortinet)
  - IDS/IPS platforms (Firepower, Snort, Suricata, Palo Alto Threat Prevention)
  - WAF solutions (F5 ASM, Imperva, Cloudflare/Akamai WAF)
  - Proxy technologies (Blue Coat, Zscaler, Squid)
  - Email Security Gateways (Cisco ESA, Proofpoint, Mimecast)
- Experience with routing, switching, IPSEC/SSL VPNs, DNS, DHCP.
- Proficiency with log analysis tools and packet capture (Wireshark, tcpdump).
Preferred Tools Experience
(Any combination is acceptable)
- FireEye appliances
- Cisco ASA/Firepower
- Cisco ISE
- Arbor DDoS
- AlgoSec/FireFlow
Soft Skills
- Strong problem-solving and analytical skills.
- Ability to handle high-severity incidents under pressure.
- Excellent communication with cross-functional teams.
- Good documentation and reporting skills.
Preferred Certifications
- CCNP Security / CCIE Security
- CISSP (added advantage)
- GIAC (GCIA, GCIH, GCFA)
- CEH / CHFI