Network Security Engineer

Booking.com is seeking an experienced Network Security Engineer with strong foundational knowledge in networking, solid security principles, and ideally some automation skills to join our Cross-geographical Network Security team. In this role, you will collaborate closely with global teams across Security, Infrastructure, and broader IT to support and strengthen Booking.com’s evolving technology landscape. You will have the opportunity to help shape and secure a highly reliable network environment through improved monitoring, automation, and best-in-class security practices. With a global network presence, this position is perfect for professionals who thrive on complex challenges and want to contribute to the growth and success of a rapidly expanding organization.

As part of our commitment to making it easier for everyone to experience the world, your work will directly support the secure and seamless operation of the platform that millions of travelers rely on daily. By enhancing the resilience and security of our network, you help ensure that customers, partners, and employees enjoy a safe, reliable, and frictionless experience worldwide.

At Booking.com, we believe that the passion and talent of our employees drive exceptional performance. We offer a dynamic, innovative, and collaborative work environment that encourages experimentation, growth, and excellence. Our global scale, dedication to people, and high standards of integrity make Booking.com an inspiring and rewarding place to build your career.

We are looking for a Network Security Engineer to join our team at the Bangalore Center of Excellence. As a key member of the team, you will have the opportunity to design, deliver, and maintain the network and security solutions that power our platform across the globe.

B.Responsible

• 
  Provide strategic guidance for security and hardening initiatives

• Enable preventative security measures on the infrastructure by reviewing, architecting and engineering the appropriate solutions

• Design, implement, and maintain network security controls across on-premises and cloud environments (AWS, Azure, GCP, etc.).

• Monitor and maintain our systems and services

• Monitor network traffic for anomalies, potential threats, and vulnerabilities.

• Collaborate with Security, Infrastructure, and Engineering teams to assess risk and implement mitigation strategies.

• Configure and manage firewalls, VPNs, IDS/IPS, WAFs, and other network security tools.

• Conduct network vulnerability assessments and penetration testing in coordination with Red/Blue/Purple teams.

• Implement automation and orchestration to improve security operations and efficiency.

• Ensure compliance with security frameworks such as PCI DSS, NIST, ISO 27001, or other relevant standards.

• Participate in incident response, troubleshooting, and post-incident analysis.

• Develop, iterate and report relevant network security coverage metrics

• Maintain documentation and provide training or guidance to junior engineers or other teams.

• Increase security awareness within the Tech department via trainings, tech talks, verbal guidance and documentation

• Be capable of working proactively and independently in your day-to-day role

• Communicate and collaborate effectively with stakeholders

• Challenge ideas and methods while working together with talented, highly skilled team members

• Help team members to improve their skills by providing technical guidance

• This role may require to be on an on-call rotation

B.skilled

• 
  Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).

• 3–5 years of experience within the Network and Security domain.

• Solid fundamentals in networking and security concepts.

• Hands-on experience with network protocols, routing, switching, VPNs, and network monitoring tools, including BGP, IPv6, VXLAN, EVPN, IPSec, SSL VPN, SSL Decryption, 802.1x, User-ID, Threat Prevention, and Posture.

• Detailed knowledge of firewalls, proxies, VPNs, including Next-Generation Firewalls.

• Experience with Palo Alto devices, Panorama, GlobalProtect.

• Exposure to other network and security vendors such as Juniper, Cisco, and Arista.

• Practical knowledge of cloud security (AWS, Azure, GCP) and hybrid network architectures.

• Solid exposure to AWS network resources: Transit Gateways, VPCs, Subnets, Route Tables, NAT Gateways, Internet Gateways, VPNs, Direct Connect, etc.

• Experience in design, implementation, migrations, and support of large global networks, including corporate networks.

• Hands-on experience with network monitoring, logging, and data analysis.

• Understanding of security frameworks and compliance standards (PCI DSS, NIST, ISO 27001, etc.).

• Knowledge of Zero Trust, BeyondCorp, and SSE architectures.

• Knowledge of ClearPass and Aruba is nice to have.

• Professional-level certifications such as CCNP/SEC, JNCIP/SEC, PCNSE are a plus.

• Experience in automation and scripting is a plus.

• Strong problem-solving skills, attention to detail, and ability to communicate complex security concepts to technical and non-technical stakeholders.