Network Security Engineer

Network and Security Engineer. This role provides advanced technical and engineering experience to support network and security solutions throughout the firm.Responsibilities include the following, but are not limited to:Design, implement, and maintain secure network architectures aligned with Zero Trust principles, firm policies and regulatory requirements.Design, implement, and maintain enterprise network architecture, including LAN, WAN, SD-WAN, Wi-Fi, and Azure.Actively support the firm’s ISO 27001 Information Security Management System, including implementation, maintenance, and continual improvement of information security controls.Working closely with cybersecurity vendors deploying, configuring, and managing firewalls, Core network infrastructure, IDS/IPS, DLP, PKI, network monitoring, alerting, and intrusion detection.Control and monitor traffic flows and enforce least-privilege accessAdminister multi-factor authentication (MFA), enterprise authentication (SAML/SSO), and content monitoring/filtering.Administer and maintain endpoint detection and response (EDR) platforms.Ensure consistent endpoint security policy enforcement across all managed devicesConduct regular vulnerability scans across network, systems, and applications. In addition to the essential functions and duties listed above, all positions are also responsible for:Meeting firm standards pertaining to quantity and quality of work performed on an ongoing basis, performing all work-related tasks in a manner that is in compliance with all firm policies and procedures.QualificationsExperience:·6+ years of hands-on network and security engineering experience Education:Associates, Technical School or bachelor’s degree in computer science/information technology Specialized Knowledge and Skills:Minimum of 4 years of hands-on experience in security engineering, security architecture, or a similar roleStrong background across routing, switching, and data center networkingDeep understanding of protocols and architecture (BGP, ACLS, 802.1X, etc.)Wireless network design, implementation, and troubleshooting.Solid foundation in core security principles, including network security, application security, identity and access management (IAM), data encryption, vulnerability management, and incident response.Proven experience designing and implementing security architecture across Microsoft Azure, M365 and on-premises environments.Hands-on experience with enterprise security platforms including CrowdStrike, Tenable One, Sumo Logic, Egress, Microsoft Purview and Microsoft Defender.Strong analytical and problem-solving with the ability to proactively identify, assess, and mitigate security risks.Excellent verbal and written communication skills with the ability to collaborate effectively across technical and non-technical teams Licenses & CertificationsCCNP, CISSP, CISM, CCSP, or similar certification desired