L3 Network Security Engineer (Infrastructure Specialist)

Role:

Department:

Location:

Experience:

Type:

Role Overview

senior, infrastructure-heavy L3 Security Engineer

The ideal candidate must have deep hands-on experience with security appliances and tools, strong analytical skills, and the ability to support SOC teams with L3-level investigations.

Key Responsibilities

1. L3 Operational Support

• L3 escalation point



• 
  

  Handle advanced troubleshooting and deep-dive analysis for:

  
  

  • Firewalls

  
  

  • IDS/IPS

  
  

  • WAF

  
  

  • Proxy

  
  

  • Email gateways

  
  
  
  


• 
  

  Perform system health checks, upgrades, patches, and configuration audits.

2. Infrastructure Management

• 
  

  Ensure the stability, performance, and security of the following systems:

  
  
  • 
    

    Enterprise firewalls

  
  
  • 
    

    IPS/IDS platforms

  
  
  • 
    

    WAF appliances or cloud-based WAF

  
  
  • 
    

    Proxy servers or cloud proxies

  
  
  • 
    

    Secure Email Gateways

  
  
  
  


• 
  

  Monitor utilization, performance metrics, HA configurations, and redundancy.

3. Policy & Configuration Management

• 
  

  Review and optimize firewall, IPS, and proxy policies.



• 
  

  Manage and evaluate change requests for infrastructure modifications.



• 
  

  Apply best practices for access control, segmentation, and zero-trust implementation.

4. Incident Response Support (L3)

• 
  

  Support SOC teams by analyzing security events from infra devices.



• 
  

  Participate in incident bridge calls for major security issues.




• root cause analysis (RCA)

5. Threat Detection & Tuning

• 
  

  Tune firewall, IDS/IPS, WAF, and proxy rules to reduce false positives.



• 
  

  Enhance detection coverage and strengthen security controls.



• 
  

  Perform traffic analysis using logs, packet captures, and monitoring tools.

6. Documentation & Reporting

• 
  

  Maintain complete documentation of infrastructure components and configurations.



• 
  

  Prepare operational reports, incident summaries, and RCA documents.



• 
  

  Keep knowledge base updated for L1/L2 teams.

Required Technical Skills

Core Expertise (Mandatory)

• 
  

  Strong hands-on experience with:

  
  
  • 
    

    Next-Gen Firewalls (Cisco ASA/FTD, Palo Alto, Check Point, Fortinet)

  
  
  • 
    

    IDS/IPS platforms (Firepower, Snort, Suricata, Palo Alto Threat Prevention)

  
  
  • 
    

    WAF solutions (F5 ASM, Imperva, Cloudflare/Akamai WAF)

  
  
  • 
    

    Proxy technologies (Blue Coat, Zscaler, Squid)

  
  
  • 
    

    Email Security Gateways (Cisco ESA, Proofpoint, Mimecast)

  
  
  
  


• 
  

  Experience with routing, switching, IPSEC/SSL VPNs, DNS, DHCP.



• 
  

  Proficiency with log analysis tools and packet capture (Wireshark, tcpdump).

Preferred Tools Experience

(Any combination is acceptable)

• 
  

  FireEye appliances



• 
  

  Cisco ASA/Firepower



• 
  

  Cisco ISE



• 
  

  Arbor DDoS



• 
  

  AlgoSec/FireFlow

Soft Skills

• 
  

  Strong problem-solving and analytical skills.



• 
  

  Ability to handle high-severity incidents under pressure.



• 
  

  Excellent communication with cross-functional teams.



• 
  

  Good documentation and reporting skills.

Preferred Certifications

• 
  

  CCNP Security / CCIE Security



• 
  

  CISSP (added advantage)



• 
  

  GIAC (GCIA, GCIH, GCFA)



• 
  

  CEH / CHFI