Network Security Engineer

We are searching for an experienced Network Security Engineer to be responsible for ensuring the Group's IT Networks and Communications are well designed, secure, optimal and function consistently across all internal and external operations.

IT and Cyber Security is extremely important and is key to all our client's operations and you will play an extremely vital role in developing and maintaining security services throughout the business.

The role is offered on a hybrid-working basis with up to 2-days per week working from home. The role requires you in the office at least 3-days per week so you MUST live within a commutable distance of Exeter to be considered for the position or you will be looking to relocate to the area. The role comes with excellent benefits!

In this role you will be responsible for the following:

Reviewing and managing network security services in line with Group security objectives and policies.
Monitoring and administrating the security of both internal and external corporate network communications, including, routers, switches, firewalls, DMZ, servers, Wi-Fi, OT, telephony and LAN/WAN/VPN communication services.
Constantly reviewing the IP space across the organisation ensuring that the TCP/IP stack, VLANs, IP Subnet, DNS, DHCP, VPNs, and VoIP traffic is well designed, secure and optimised.
You will ensure best practices are used for delivering network security. Continually monitoring, maintaining and testing the threat landscape and security posture.
Provide regular service status updates to line management and agree and monitor service availability targets.
Manage all SSL and external web server security functions to ensure data protection, systems integrity and user confidence at all times.
Manage NIS2 and GDPR privacy policies and operational practice.
Perform regular reviews of security solutions and processes, identifying opportunities for optimisation to over two hundred office, home and field-based employees.
Provide day-to-day cyber security guidance and support to relevant technical & business stakeholders.
Deliver annual penetration testing and implement recommended improvements.
Research latest network cyber threat developments and recommend any actions that will improve network performance and security.
Work closely with NIBE SOC teams and internal security engineers to ensure all preventative security measures are implemented and Zero Day / critical threats are extinguished in line with internal resolution targets. Collaborate with other business teams to ensure the proper use of systems.
Coordinate investigations and reporting of security incidents related to Network, Systems and Applications. Diagnose root causes of system failures and implement appropriate corrective actions.
Assist with OT process and system change management, overseeing testing and approval of changes using an approved methodology.
Ensure all network hardware assets are identifiable and updated in the asset management system.
Provide technical expertise to support the maintenance of our hardware infrastructure systems and services.
Work closely with NIBE IT teams to ensure Group IT policies are continually checked and in place. Required Experience

A computer related degree or relevant professional certification and accreditation is preferred.
Extensive commercial experience in an IT security role maintaining secure networks in a MS-Windows and Linux environment.
Expert knowledge of and experience in LAN/WAN/VLAN communications, VPN configuration and enterprise wireless networking.

Experience of Dell core and edge switches with fibre is preferable.
CCNA/CCNP equivalent accreditation is advantageous but is not essential.
Experience and excellent working knowledge of GNS3 (or similar) is really beneficial.
Firewall configuration, management and monitoring experience is essential.

Experience of Forti Gate products preferable.
TCP/IP networking stack, DNS, DHCP, RADIUS/AAA, Active Directory, SSL, 2FA, OT skills are essential for this position.
Knowledge of information security standards (e.g., ISO 17799/27002/27001/PCI DSS/SIEM, etc.), rules and regulations related to information security and data confidentiality (e.g., FERPA, HIPAA, etc.) and key network security principles for risk identification and analysis.
Knowledge of Linux OS and Windows Server and desktop operating systems configuration & troubleshooting and SCCM/MECM skills are preferrable.
Knowledge of and experience in virtual network technologies, specifically ESXi and VMware configuration and administration is advantageous.
Knowledge of MDM products, Crowd Strike and Cortex XDR configuration and administration would be advantageous.
Experienced user of Office 365, Teams, One Drive, SharePoint etc.

- any MS E3 subscription services.
Excellent troubleshooting, diagnostic, problem-solving and communication skills.
Flexibility to work on planned, out of hours systems projects if required.
Training is available for the right candidate to ensure complementary skills are…