site stats

Network Security Engineer

Job Description

Position Overview

The Network Security Engineer role sits within the Information Technology Department and exists to keep the organization's WAN, LAN, voice, and cloud infrastructure running efficiently, reliably, and securely. While the role retains the full scope of traditional network engineering, this description places heightened emphasis on cybersecurity operations and Microsoft Azure security, reflecting the organization's continued shift toward hybrid and cloud-hosted infrastructure.

The successful candidate will partner with third-party providers and internal IT leadership to defend the network and cloud environment against malware, intrusion, and emerging cyber-threats; maintain firewalls, identity controls, and access policies; ensure reliable backups and disaster recovery; and act as a key contributor to the organization's overall security posture across both on-premises and Azure-hosted resources.

Cybersecurity & Azure Security Responsibilities (Primary Emphasis)

• Lead and support efforts to harden the network and cloud environment against malware, ransomware, and intrusion, including proactive identification of emerging cyber-threats and at-risk areas across LAN, WAN, WLAN, SD-WAN, and Azure-hosted workloads.

• Design, implement, and maintain security controls within Microsoft Azure, including Azure Active Directory / Entra ID, Conditional Access policies, Multi-Factor Authentication (MFA), Privileged Identity Management (PIM), and Azure role-based access control (RBAC).

• Monitor and respond to alerts from Microsoft Defender for Cloud, Microsoft Sentinel (or equivalent SIEM), and Helpdesk/security partner tooling, escalating high-risk issues to IT Management in a timely manner.

• Configure and maintain Cisco Meraki firewall security settings, network segmentation (subnetting/VLANs), and access permission groups to enforce least-privilege principles across both on-premises and cloud resources.

• Implement and maintain Azure network security components such as Network Security Groups (NSGs), Azure Firewall, Azure VPN/ExpressRoute connections, and Azure Bastion for secure remote access.

• Support identity and access management initiatives, including device hardening, endpoint security, single sign-on (SSO), and Group Policy enforcement for domain-wide computer and user security baselines.

• Ensure secure, regularly-tested backups of critical systems and servers, including the organization's Nutanix hyper-converged and Cohesity backup environments, with attention to ransomware-resilient and immutable backup practices.

• Participate in vulnerability management and patching cycles (Microsoft Intune), prioritizing remediation of high-severity findings across servers, network devices, and cloud resources.

• Maintain and continuously improve security documentation, including network topology, data flow, incident response procedures, and Azure security architecture diagrams.

• Assist in security awareness initiatives and end-user training to reinforce safe computing practices and compliance with IT framework, policies, and procedures.

• Support audits and compliance efforts related to data protection, access control, and cloud security standards, providing evidence and documentation as required.

Core Network Engineering Responsibilities

• Perform day-to-day networking tasks to ensure network reliability, availability, and serviceability with minimal interruption.

• Provide technical support, respond to work orders and tickets, and analyze and resolve reported network problems.

• Install and troubleshoot LAN, WAN, WLAN, and SD-WAN connectivity, including DNS, DHCP, and TCP/IP services.

• Develop and maintain complex documentation for installation, network topology, and troubleshooting of communications hardware and software.

• Work with the IT Team to coordinate and install server updates, patches, and certificates.

• Maintain an enterprise-wide inventory of all server and network infrastructure assets, including warranty status and lifecycle management.

• Provide server systems support, administration, and documentation, including Windows Server operating systems and hypervisor-based environments (Nutanix AHV).

• Work with the Sr. Network Engineer to maintain and update the company's hyper-converged Nutanix solution and Cohesity backup solution.

• Create and maintain IT-related end-user training documentation.

• Participate in the on-call rotation as needed and required.

• Demonstrate excellent time management and prioritization skills, balancing routine tasks with urgent support and security needs.

• Adhere to, support, and foster compliance with the IT framework, policies, and procedures across the user base.

• Act as a strong team player who continually seeks to grow technical expertise and the scope of the role.

Knowledge, Skills & Experience

Required Technical Skills

• Strong working knowledge of cybersecurity principles, including threat detection, firewall management (Cisco Meraki and Fortigate), network segmentation, and identity-based security controls.

• Hands-on experience with Microsoft Azure security tools and services (Azure AD/Entra ID, Conditional Access, MFA, NSGs, Azure Firewall, Defender for Cloud, or Sentinel).

• Ability to troubleshoot current Windows and Server operating systems, including patching and hardware support.

• Experience troubleshooting LAN, WAN, WLAN, and SD-WAN environments (DNS, DHCP, TCP/IP).

• Solid understanding of network segmentation (sub-netting) and VLANs.

• Experience with a patch management solution (WSUS and/or Microsoft Intune) and structured vulnerability remediation.

• Familiarity or working knowledge of hypervisor-based servers and computing; Nutanix AHV experience a plus.

• Understanding of hybrid identity and access management concepts spanning on-premises Active Directory and Azure AD.

Desired Technical Skills

• Microsoft Azure security certifications (e.g., SC-200, SC-300, AZ-500) or demonstrated equivalent experience.

• Citrix XenApp Server support (Studio, Director, Storefront, Apps).

• Active Directory domain infrastructure and Group Policy administration for domain-wide computer and user policies.

• NTFS file permissions and data access governance.

• Security focus on device hardening, endpoint protection, and identity management across hybrid environments.

• Experience with SIEM platforms, security monitoring, and incident response workflows.

Education & Experience

• Minimum 10 years of experience working in an IT department performing similar duties, with demonstrated exposure to network security and cloud security practices.

• Professional certifications such as MCP, A+, Network+, Security+, or Microsoft Azure security certifications (SC-200, SC-300, AZ-500) are preferred.

Working Environment

• No special physical requirements for this position.

• General office conditions.

• Some light lifting and bending.

• Periods of sitting.

• Travel 20%

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.