Network Security Specialist

We are looking for a highly experienced, hands-on Senior IT Network & Security Specialist to join a global IT and security team.

The role is responsible for the design, implementation, operation, and continuous improvement of network, system, and security controls across on-premises and cloud environments. The focus is on infrastructure protection, availability, monitoring, and operational stability within a large-scale enterprise environment.

Responsibilities:

Infrastructure & Security Operations

• Secure and operate global infrastructure across on-premises and cloud environments.
• Support and improve security operations, monitoring, and incident handling workflows.
• Operate, maintain, and continuously enhance IT and security platforms.
• Collaborate with IT, DevOps, and security teams to ensure alignment with internal standards and best practices.

Network & Security Engineering

• Design, configure, troubleshoot, and maintain enterprise network infrastructures, including WAN/LAN architectures, Layer 2 and Layer 3 switching and routing, dynamic routing protocols (BGP), and SDN-based network designs.
• Configure and maintain enterprise wireless infrastructure (FortiAP).
• Deploy, configure, and manage security solutions including firewalls (FortiGate), Web Application Firewalls (WAF), Network Access Control (NAC), endpoint security platforms, secure mail gateways, Data Loss Prevention (DLP) solutions, and DDoS protection services.

Linux & Windows System Administration

• Act as a senior-level system administrator for Linux and Windows environments.
• Perform OS-level hardening, patching, and configuration management.
• Troubleshoot system-level issues related to performance, security, and availability.
• Ensure systems align with internal security baselines.

Cloud Security & Infrastructure (AWS)

• Implement and maintain identity and access security, including IAM roles and least-privilege policies, IAM Identity Center (SSO) with MFA, and IAM Access Analyzer.
• Manage AWS Organizations and Service Control Policies (SCPs).
• Operate AWS Config and CloudTrail for visibility and governance.

Logging, Monitoring & Detection

• Operate and enhance security monitoring and detection services, including Amazon GuardDuty.
• Centralize logs using CloudWatch, EventBridge, and S3.
• Ensure traceability of security-relevant events across cloud and on-prem environments.

Data Protection & Network Security

• Enforce encryption and secrets management using AWS KMS, Secrets Manager, and ACM.
• Design and operate secure DNS and network routing using Route 53 hosted zones, DNS logging, Route 53 Resolver DNS Firewall, secure VPC routing and segmentation, and VPC Flow Logs.
• Implement AWS WAF and DDoS protection mechanisms.

Infrastructure as Code & Security Hygiene

• Implement Infrastructure as Code (IaC) using Terraform.
• Work with Git-based workflows and controlled change processes.
• Maintain vulnerability management and continuous remediation.
• Contribute to internal security documentation and procedures.

Requirements:

Mandatory

• Minimum 4 years of hands-on Linux and Windows system administration experience.
• Strong understanding of TCP/IP networking.
• Hands-on experience with Layer 2 networking (FortiSwitch, Cisco).
• Hands-on experience with Layer 3 networking (routers and L3 switches).
• Proven experience with dynamic routing protocols (BGP).
• Enterprise wireless infrastructure experience (FortiAP).
• Hands-on experience with FortiGate firewalls.
• Strong knowledge of WAN and LAN architectures.
• Experience with Web Application Firewalls (WAF), Network Access Control (NAC), and security monitoring tools.
• Hands-on experience with AWS services including IAM, AWS Organizations, AWS Config, and CloudTrail.
• CCNP Switching / Enterprise (or equivalent level) – mandatory.
• Fortinet NSE4 or NSE5 – mandatory.

Advantage

• Advanced Fortinet certifications (NSE6 / NSE7).
• Azure security experience.
• Advanced Terraform experience.
• Scripting skills (Python, Bash, PowerShell).
• Penetration testing knowledge.