Network Security Team Lead

Responsibilities

• Manage a small team of talented network security engineers, providing strategic guidance and mentorship throughout all aspects of protecting the firm’s data through network security best practices with a focus on data driven results.
• Manage advanced security configurations for next‑generation firewalls, locally and globally
• Ensure network security compliance with regulatory standards such as PCI DSS, HIPAA, and GDPR by implementing policies and procedures and performing regular audits
• Configure and manage all deployed network security platforms such as firewalls, IDS, and IPS, ensuring they are up-to-date and configured according to industry best practices
• Collaborate with other IT teams to ensure secure integration of cloud services such as AWS, Azure, and GCP, including implementing security controls such as access controls, encryption, and network segmentation
• Develop and maintain network segmentation policies and practices, including implementing zero trust architecture and micro segmentation to reduce the risk of lateral movement by attackers
• Conduct risk assessments to identify vulnerabilities, perform penetration testing, and recommend remediation plans, including vulnerability management programs
• Develop training materials and conduct regular training sessions for users on network security best practices and policies

• Bachelor's degree in computer science, information security, or related field
• 5-7 years of experience in network security within a highly regulated environment
• Previous team lead management experience with a passion for mentorship and leadership
• Industry certifications such as CISSP, CCNA/CCNP Routing & Switching, Palo Alto Networks Security certifications (PCSNE), Security+, and/or CCNA Security.
• Demonstrated experience with networking, firewalling (Palo Alto Networks, including User-, App-, IDS/IPS) WAF, DDoS, NAC, and other related network security related tools and technologies
• In-depth knowledge of network segmentation, including micro segmentation and zero trust architecture leveraging tools such as Illumio, Guardicore, VMware NSX (NSX-T), vArmour, Cisco ACI, Shield
  
  X, Unisys Stealth, and/or Zero Networks.
• Experience with Secure Access Service Edge (SASE) and Cloud Access Security Broker (CASB) architectures leveraging tools such as Prisma Access, zScaler, and/or Net Skope.
• Knowledge of cloud networking with cloud providers such as AWS, Azure, or GCP.
• Configuration and management experience in network detection and response (NDR) platforms such as Darktrace, Extra Hop, or Vectra.
• Excellent analytical and communication skills, with the ability to explain technical concepts to non-technical audiences
• Commitment to the highest ethical standards