Network Security Engineer L2-Firewall+IPS Technology

Job Summary

Key ResponsibilitiesOperational Support & Troubleshooting

• Provide 

  Level 2 (L2) support

   for complex issues related to firewalls and IPS/IDS, escalated from L1 teams.
• Perform in-depth 

  troubleshooting and analysis of security incidents

   using firewall logs, packet captures (e.g., Wireshark, TCP dump), and monitoring tools.
• Respond to and mitigate security incidents, such as unauthorized access attempts, malware outbreaks, or policy violations.
• Participate in a 

  24/7 on-call rotation

   schedule to ensure continuous network security coverage.

Configuration and Change Management

• Implement approved 

  changes, modifications, and rule set reviews

   on firewalls and IPS devices following the organization's change management process.
• Configure and manage 

  VPN (IPsec/SSL)

   tunnels, NAT (Network Address Translation) policies, and application control features.
• Perform 

  firmware upgrades and patching

   of security devices after thorough testing and approval.

Monitoring and Maintenance

• Conduct 

  daily/weekly/monthly health checks

   on all supported network security platforms (Firewalls, IPS).
• Monitor system performance metrics (CPU, memory utilization) and network traffic for anomalies and suspicious activities.
• Manage and maintain 

  configuration backups

   and ensure disaster recovery procedures are current and tested.

Documentation and Processes

• Maintain accurate and up-to-date documentation of network security configurations, diagrams, and Standard Operating Procedures (SOPs).
• Create and manage tickets in the Incident, Change, and Problem Management systems (e.g., ServiceNow).
• Provide guidance and mentorship to L1 engineers.

Required Skills and Technical Expertise

• Firewall Proficiency:

   Hands-on experience with major firewall vendors such as 

  Palo Alto Networks, Fortinet, Cisco (ASA/FTD), Check Point, or Juniper

  .

• IPS/IDS Experience:

   Proven knowledge of Intrusion Prevention/Detection Systems (e.g., Cisco Sourcefire, McAfee, Snort), including signature management and policy optimization.

• Networking Fundamentals:

   Strong understanding of networking protocols and technologies, including TCP/IP, DNS, DHCP, BGP, OSPF, and VLANs.

• Security Concepts:

   Knowledge of VPN technologies (Site-to-Site, Remote Access), Web Filtering, URL Filtering, and Application Control.

• Tools:

   Experience with network monitoring (e.g., SolarWinds, Nagios) and packet analysis tools (e.g., Wireshark).

• Operating Systems:

   Familiarity with Windows and Linux operating systems in a networked environment.

Qualifications and Certifications

• Experience:

   Minimum of 

  3-5 years

   of hands-on experience in network security, specifically with firewalls and IPS administration.

• Education:

   Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent practical experience).

• Certifications (Preferred):

  CCNP Security