Sr. Network Security Engineer

As a L2 Network Security professional, you will be responsible for advanced troubleshooting and incident analysis to ensure the security of the network. This includes performing in-depth analysis of network security incidents such as DDoS attacks, firewall breach attempts, and malware communication. You will investigate alerts escalated by L1 support and analyze traffic patterns, logs, and system behavior for potential threats. Additionally, you will utilize packet analysis tools like Wireshark and tcpdump to investigate suspicious traffic. Your key responsibilities will include implementing and managing firewall policies for devices such as Palo Alto, Fortinet, and Cisco ASA. You will review and refine firewall rules to minimize false positives and enhance the security posture. In addition, you will be involved in incident response and mitigation by acting as the first responder in critical security incidents and collaborating with the SOC team to contain and remediate threats. You will also work with L3 and Threat Intelligence teams for advanced threat mitigation. Furthermore, you will review and implement network security changes as part of the change control process, deploy updates, patches, and configuration adjustments in firewalls, IDS/IPS, and VPNs, and test and validate the impact of changes before implementation. You will also be responsible for log analysis and correlation, analyzing logs from various systems and correlating events across multiple systems to identify attack patterns. As part of your role, you will tune IDS/IPS signatures and firewall rules to reduce noise and increase accuracy, ensure the health and performance of network security devices, and collaborate on SIEM tuning to enhance detection capability. You will also serve as the escalation point and provide support to the L1 team, guiding them on SOPs, investigation techniques, and tool usage. Additionally, you will configure and troubleshoot site-to-site and client VPNs, investigate failed VPN connections, authentication issues, and access violations. Your role will also involve supporting security audits and compliance efforts by providing logs, reports, and evidence, and ensuring compliance with security policies, standards, and regulations such as ISO 27001, PCI-DSS, and NIST. Qualifications Required: - Strong understanding of TCP/IP, routing protocols, NAT, ACLs - Firewall architecture, DMZ, proxy servers - IDS/IPS concepts, VPN, IPSec, SSL Benefits include health insurance, life insurance, paid sick time, and Provident Fund. This is a full-time, permanent position with a day shift schedule. The work location is in person.,