Cloud Network Consultant

Job Description Cloud Network & Security Engineer (Onshore)Location: Dallas, TX or surrounding areas (Hybrid/Onsite as required)Must have Skills: -Any 1 Option is RequiredOption 1 – Checkpoint + Zscaler (ZIA & ZPA) + Aruba ClearPassOption 2 - Checkpoint + Zscaler (ZIA & ZPA) + Cloudflare WAFRole OverviewThe Network & Security Engineer is a senior hands-on technical role responsible for designing, building, and operating large-scale multi-cloud networking, WAF, and security platforms. This role is highly technical, execution-focused, and serves as the senior-most individual contributor, partnering closely with client architects, application teams, and offshore engineers. Key ResponsibilitiesManage day-to-day Operations according to customer environmentOrganizational Functions:Develop and implement network security architecture, policies, and procedures to protect against threats.Should be able to provide L3 level support on critical/Outage situation and drive end to end until the resolution.Good understanding of network protocols (HTTP, HTTPS, DNS, TCP/IP).Should have Strong expertise in:Implementing and maintaining Checkpoint firewall and associated software module (VPN, URL Filtering, IPS etc.) infrastructure.Should have good working experience on checkpoint VPN (S2S & Remote access).Deep understanding of Cloudflare content delivery network (CDN) and security solutions, including web application firewalls (WAF), bot management, and DDoS protection.Deep understanding of RADIUS, TACACS+, 802.1X, EAP methods, and networking protocols.Installation and configuration of ClearPass Policy Manager (CPPM), including profiling, onboarding, and guest services.Resolve complex authentication failures, latency issues, and TACACS+ service issues.Proficiency with Zscaler tools (ZIA, ZPA, ZDX), packet capture analysis, and scripting languages (Python, PowerShell) for automation.Design, implement, and tune ZIA/ZPA policies for roaming, branch, and third-party users, utilizing Zscaler's cloud security concepts.Resolve complex L2/L3 issues related to user connectivity, authentication (SAML, SCIM, Azure AD), and access flows.Deep understanding of Zero Trust Network Access (ZTNA), Firewalls, and IPSec/SSL VPNs.Manage day-to-day Operations according to customer environmentOrganizational Functions:Develop and implement network security architecture, policies, and procedures to protect against threats.Should be able to provide L3 level support on critical/Outage situation and drive end to end until the resolution.Good understanding of network protocols (HTTP, HTTPS, DNS, TCP/IP).Should have Strong expertise in:Implementing and maintaining Checkpoint firewall and associated software module (VPN, URL Filtering, IPS etc.) infrastructure.Should have good working experience on checkpoint VPN (S2S & Remote access).Deep understanding of Cloudflare content delivery network (CDN) and security solutions, including web application firewalls (WAF), bot management, and DDoS protection.Deep understanding of RADIUS, TACACS+, 802.1X, EAP methods, and networking protocols.Installation and configuration of ClearPass Policy Manager (CPPM), including profiling, onboarding, and guest services.Resolve complex authentication failures, latency issues, and TACACS+ service issues.Proficiency with Zscaler tools (ZIA, ZPA, ZDX), packet capture analysis, and scripting languages (Python, PowerShell) for automation.Design, implement, and tune ZIA/ZPA policies for roaming, branch, and third-party users, utilizing Zscaler's cloud security concepts.Resolve complex L2/L3 issues related to user connectivity, authentication (SAML, SCIM, Azure AD), and access flows.Deep understanding of Zero Trust Network Access (ZTNA), Firewalls, and IPSec/SSL VPNs.Create and maintain comprehensive documentation related to network security infrastructure and procedures following the NIST and CIS standards.Identify the in-efficiencies in the operations and identify potential solutions to improve efficiency.Own and drive improvements in the areas of Operations, technology, Advisory and customer satisfaction.Stay up to date on emerging security threats, technologies, and industry trends.Manage and mentor a team of network security engineers and analysts.One should identify possible automation capabilities, their executionwithin the network security products and process and deliver across multiple customer environments.Should be cross-skilled across multiple technologies covering products like Firewalls, Web-Proxies, as well as cloud security products (AWS, Azure, GCP etc.) Should prepare weekly and monthly performance reports across multiple customer environments (people, technologies, Process Gaps, Risk, RAG status etc.)Should be able to conduct internal training to address the skill gap as well as motivate the team to do technical certifications.1. Firewalls (Checkpoint)2. NAC – Aruba Clearpass3. Web application Firewall – Cloudflare4. Web-Proxy -Zscaler (ZIA/ZPA/ZDX)5. Email Security – Abnormal AI6. Load balancer – F5 BIG-IPDisclaimerHCL is an equal opportunity employer, committed to providing equal employment opportunities to all applicants and employees regardless of race, religion, sex, color, age, national origin, pregnancy, sexual orientation, physical disability or genetic information, military or veteran status, or any other protected classification, in accordance with federal, state, and/or local law. Should any applicant have concerns about discrimination in the hiring process, they should provide a detailed report of those concerns to secure@hcltech.com for investigation.Compensation and BenefitsA candidate’s pay within the range will depend on their work location, skills, experience, education, and other factors permitted by law. This role may also be eligible for performance-based bonuses subject to company policies. In addition, this role is eligible for the following benefits subject to company policies: medical, dental, vision, pharmacy, life, accidental death & dismemberment, and disability insurance; employee assistance program; 401(k) retirement plan; 10 days of paid time off per year (some positions are eligible for need-based leave with no designated number of leave days per year); and 10 paid holidays per year.