Network Security Engineer

Overview of the Role

Roles and Responsibilities

• Manage secure and redundant routing and switching infrastructure to ensure 24x7 availability of critical services.
• Implement network segmentation to enhance security, improve performance, and isolate faults across departments.
• Ensure VPN connectivity (IPSec/SSL) for remote offices and departments in line with security policy frameworks.
• Deploy, configure, and maintain Next Generation Firewalls (NGFWs) for traffic inspection, threat prevention, and application control.
• Operate Anti-DDoS solutions to counter volumetric and protocol-based attacks.
• Enforce Web Application Firewall (WAF) protections for public-facing applications and servers.
• Utilize Anti-APT solutions to detect, analyze, and contain advanced persistent threats.
• Administer Software and Link Load Balancers to ensure service uptime and bandwidth optimization across multiple ISP connections.
• Design and maintain high-availability security architectures for critical enterprise applications.
• Deploy and manage Endpoint Security tools including antivirus, device control, and policy enforcement for desktops, laptops, and servers.
• Monitor and control sensitive data using Data Loss Prevention (DLP) tools aligned with organizational data classification guidelines.
• Integrate and operate EDR/XDR solutions for continuous endpoint monitoring and incident response.
• Implement malware protection tools for both end-user and server environments.
• Enforce Access Control Policies including role-based access, least privilege, and scheduled access reviews.
• Implement data encryption standards and manage secure key handling and PKI-based authentication mechanisms.
• Operate Intrusion Detection/Prevention Systems (IDS/IPS) to identify and mitigate malicious traffic.
• Analyze logs and security events using SIEM tools to uncover policy violations and emerging threats.
• Lead incident response efforts in coordination with CERT-In, Third Party Auditors (TPA), and MeitY in case of security breaches.

Desired Skills/Background

• Certifications: CCNP Security, Fortinet NSE, or JNCIS-SEC (mandatory).
• Strong grasp of network and cybersecurity principles, standards, and best practices.
• Hands-on experience with firewalls, VPNs, IDS/IPS, load balancers, DLP, SIEM, EDR/XDR, and endpoint protection technologies.
• Excellent analytical, problem-solving, and troubleshooting capabilities.
• Ability to manage complex, high-availability security architectures in enterprise-scale environments.
• Proven experience in incident handling, root cause analysis, and working with regulatory bodies and third parties.