Network Security Engineer at Diligent Tec Inc San Jose, CA

Network Security Engineer at Diligent Tec Inc. San Jose, CA.

Location:

Onsite - San Jose, CA (Preferring Locals). Duration:
Long Term Position.

Qualifications

• Education
  :
  Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, Network Engineering, or related field.
• Experience
  :
  Minimum 8+ years hands‑on security engineering and security appliance administration.
• Preferred Certifications
  :
  • Cisco: CCNA, CCNP Security
  • Checkpoint: CCSA
  • Palo Alto: PCNSA, PCNSE, PCCET
  • CompTIA Security+
• Strong understanding of TCP/IP networking, routing, VLANs, segmentation, VPN, DNS, NAT, and packet filtering.
• Deep hands‑on experience securing enterprise environments using Cisco ASA/Firepower, Check Point firewalls, and Palo Alto NGFW.
• Proficiency with security monitoring, EDR, DLP, SIEM, threat intelligence, and vulnerability assessment tools (Nessus, Qualys, etc.).
• Knowledge of cloud networking security and virtualization (Azure, AWS, VMware NSX preferred).
• Ability to follow strict enterprise standards for security appliance design, change management, configuration, documentation, and audit readiness.

Core Responsibilities Security Architecture & Deployment

• Design and implement security appliances and policy frameworks to integrate acquired company networks into the enterprise environment.
• Deploy and configure perimeter and internal firewalls, including rule base design, NAT policies, threat profiles, VPN configurations, DLP controls, and logging standards.
• Build bills of material (BOM) for required firewall hardware and place procurement orders.
• Implement approved security exceptions while maintaining compliance with internal standards.

Configuration, Operations & Maintenance

• Upgrade and patch firewall operating systems and register devices with centralized management systems.
• Integrate new firewalls into enterprise security consoles (Panorama, Smart Console, Cisco FMC, etc.).
• Deploy security access controls, filtering policies, and rule sets, ensuring traceability and SOC logging requirements.
• Maintain auditable logs and enforce standards for least privilege access across merged environments.

Security Assessment & Monitoring

• Assess existing security posture of acquired entities using vulnerability scanners, EDR platforms, and threat intelligence tools.
• Execute internal and external scans, identify vulnerabilities, and drive remediation.
• Monitor firewall performance, analyze system logs, manage packet inspection, and troubleshoot traffic flow issues in partnership with network teams.

Documentation & Compliance

• Create detailed technical documentation including diagrams, runbooks, configuration guides, topology maps, and change control records.
• Ensure all security deployments meet internal governance requirements, compliance policies, and best practices.

Collaboration & Support

• Provide hands‑on technical support for troubleshooting security issues across networking, server, and endpoint platforms.
• Liaise with vendors, carriers, and service providers to maintain SLAs and optimize platform configurations.

Capacity Planning & Integration Strategy

• Perform security infrastructure capacity planning to support company growth and evolving business requirements.
• Develop 30-60-90 day security integration roadmaps for new acquisitions, including phased firewall migration plans and endpoint risk remediation strategies.
• Align integration activities with enterprise security architecture and prioritize high‑risk remediation tasks.

Automation & Efficiency

• Automate recurring tasks such as vulnerability scans, alert correlation, firewall rule cleanup, reporting, and security control audits (Python, Power Shell, Bash preferred).

If this is aligned with your experience and you are open to exploring the opportunity further, please reply with your latest resume and availability for a discussion. Looking forward to hearing from you.

#J-18808-Ljbffr