B2. Primary Roles & Responsibilities: + Network Security Architecture & Design: + Lead the design, implementation, and optimization of robust, scalable, and secure network architectures for enterprise and data center environments. + Develop and maintain network security policies, standards, and procedures in alignment with industry best practices and compliance requirements. + Conduct security assessments and vulnerability analyses of existing network infrastructure, recommending and implementing remediation strategies. + Operations & Troubleshooting: + Provide expert-level operational support and troubleshooting for complex network security issues, ensuring minimal downtime and business continuity. + Manage and maintain various network security devices and platforms including, but not limited to, Firewalls (Next-Gen and traditional), Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF), VPN gateways, Load Balancers, and Network Access Control (NAC) solutions. + Monitor network security performance, health, and capacity, implementing proactive measures to prevent issues. + Customer Relationship Management: + Serve as a primary technical point of contact for key customers, understanding their unique security needs and translating them into technical solutions. + Team Leadership & Mentorship: + Lead and mentor a team of network engineers, fostering skill development, knowledge sharing, and adherence to best practices. + Participate in the recruitment and training of new team members. + Project Management & Delivery: + Lead and execute network security projects from inception to completion, ensuring timely delivery within scope and budget. + Innovation & Continuous Improvement: + Stay abreast of the latest trends, threats, and advancements in network security technologies and methodologies. + Drive continuous improvement initiatives within the network security domain. B3. Expected Experience and Expertise + 12+ years of hands-on experience in designing, implementing, and managing complex network security solutions in enterprise-level environments. + Deep expertise in various firewall technologies (Palo Alto, Fortinet, Cisco, Check Point), including policy management, VPN configuration, advanced threat prevention features (IPS, URL Filtering, WildFire/Sandbox, AV). + Strong understanding and experience with Intrusion Prevention Systems (IPS) and their deployment and tuning. + Proficiency with VPN technologies (IPSec, SSL VPN) for site-to-site and remote access connectivity. + Hands-on experience with Load Balancers (e.g., F5 BIG-IP LTM/ASM, NetScaler) and Web Application Firewalls (WAFs). + Experience with Network Access Control (NAC) solutions (e.g., Cisco ISE, Aruba ClearPass). + Solid understanding of routing and switching protocols (OSPF, BGP, EIGRP, VLANs, STP, etc.) and their security implications. + Experience with DDoS mitigation techniques and solutions. + Working knowledge of cloud security principles and experience with security controls in AWS, Azure, or GCP. B4. Certifications Nice-to-Have + Palo Alto Networks Certified Network Security Engineer (PCNSE): Essential for hands-on expertise with Palo Alto Networks Next-Generation Firewalls, a widely used platform. + Fortinet Certified Network Security Expert (FCX / NSE 8) OR Fortinet Certified Network Security Professional (NSE 7): Demonstrates expert-level proficiency with Fortinet security products, particularly FortiGate firewalls and the Fortinet Security Fabric. + Check Point Certified Security Master (CCSM) OR Check Point Certified Security Expert (CCSE): Indicates high-level proficiency with Check Point security solutions. B5. Leadership skills + Team player + Able to lead a team