Network Security Engineer

1. Advanced Support and Escalation Management

• Act as the final escalation point for complex incidents affecting firewalls, VPN, proxy, IPS, SSL inspection, DDoS, and network ATP.
• Perform deep troubleshooting, packet analysis, and protocol level investigations for critical issues.
• Own root cause analysis for recurring or high impact incidents and define corrective and preventive actions.

2. Configuration, Optimization and Maintenance

• Design, implement, and tune policies on Palo Alto, Cisco ASA or FTD, and Fortinet firewalls. Including segmentation, zero trust style rules, NAT, and security policies.
• Manage VPN services for remote access and site to site connectivity. Including authentication, MFA integration, and high availability.
• Administer Forcepoint Web proxy and SSL decryption policies. including safe bypass lists, categories, and exception handling.
• Operate Gigamon SSL inspection, Arbor DDoS, and network IPS or ATP solutions. ensuring signatures, profiles, and protections are updated and tuned.
• Own backup, restore, and lifecycle tasks for all network security devices. including upgrades, certificate rotations, and HA testing.

3. Architecture and Design

• Contribute to low level designs, network security architectures, and change plans for new services and projects.
• Recommend improvements in zoning, traffic flows, and control placement to align with SAMA CSF and NCA ECC requirements for network and perimeter security.

4. Incident Response and Reporting

• Lead network security incident response during major events. coordinate with SOC, infrastructure, and application owners.
• Produce detailed RCAs, including packet captures, logs, timeline, business impact. and hardening recommendations.
• Provide dashboards and reports on policy changes, rule usage, blocked traffic trends, and attack statistics.

5. Technical Leadership and Mentoring

• Mentor L2 Network Security Engineers on troubleshooting methods, tooling usage, and SOPs.
• Review and approve L2 changes for complex or high-risk activities.
• Contribute to our own runbooks, hardening guides, and standard templates for network security changes.

6. Governance, Compliance and ITIL

• Ensure all work is executed under formal Change and Incident Management with CAB ready plans, test cases, and rollback procedures.
• Map device configurations and monitoring to SAMA Cybersecurity Framework and NCA ECC technical controls for network security, perimeter defense, and secure remote access.
• Maintain audit ready evidence. approvals, logs, configuration exports, and RCAs.

7. Collaboration and Stakeholder Engagement

• Work closely with
• F5 Application Security tower for traffic flows, VIPs, and DDoS or WAF interactions
• L3 Email Security Engineer for handoffs where issues are clearly network or clearly mail gateway
• SOC and SIEM teams for rule tuning and log quality
• Infrastructure and application teams to ensure secure and stable deployments

Tooling Scope

Must have strong hands-on expertise in most of

• Palo Alto NGFW and GlobalProtect
• Cisco ASA or FTD and Cisco IPS
• Fortinet FortiGate
• Forcepoint Web Security and SSL interception
• Gigamon SSL inspection
• Arbor DDoS
• Trellix or FireEye NX or equivalent network ATP

Good to have

• Experience with automation or scripting around these tools, plus strong packet analysis using tools such as Wireshark or vendor built in captures.

Required Qualifications

• Bachelor s degree in Computer Science, Information Technology, Cybersecurity, or related field.
• Minimum 7 years in network security engineering. with at least 3 to 5 years managing multi-vendor firewalls, VPN, proxy, IPS, DDoS, and SSL inspection in large enterprises.
• Deep understanding of TCP or IP, routing, VPN protocols, TLS, HTTP or HTTPS, DNS, and common attack techniques against network and perimeter infrastructure.
• Proven track record leading incident response and complex troubleshooting in high availability. environments.

Desired Skills and Certifications

• Palo Alto PCNSE or PCNSA, Cisco CCNP Security or equivalent, Fortinet NSE4 or higher.
• ITIL Foundation or experience operating under ITIL processes.
• CISSP, CISM, or equivalent is a plus for seniority and governance alignment.