More jobs:
Job Description & How to Apply Below
Position Overview
We are seeking a highly skilled Network Engineer to lead the design, remediation, security hardening, and long-term modernization of our multi-site IT infrastructure environment. This role is responsible for defining technical standards, architecting secure network and identity solutions, developing IT and cybersecurity policies, and directing operational execution performed by the on-site Junior Systems Administrator.
This is a hands-on technical leadership role requiring strong expertise in network security, firewall management, Active Directory architecture, vulnerability remediation, VPN access control, and enterprise infrastructure governance.
The successful candidate must be highly responsive, organized, and capable of independently driving infrastructure and cybersecurity initiatives across multiple concurrent work streams.
Key Responsibilities
Network Infrastructure & Security
Design, configure, and maintain secure network infrastructure across multiple business locations
Lead firewall modernization initiatives including Fortinet and Palo Alto environments
Configure and manage:
Security policies
VPN infrastructure
Threat prevention profiles
URL filtering
Access control policies
Design and implement secure VLAN segmentation and firewall zoning strategies
Eliminate insecure network configurations and improve overall network architecture
Architect secure enterprise Wi-Fi authentication using 802.1X and credential-based access controls
Firewall & VPN Administration
Manage Fortinet and Palo Alto firewall environments including firmware upgrades and security remediation
Design secure VPN access models using Active Directory Security Groups and least-privilege principles
Replace legacy or end-of-life network infrastructure with modern secure solutions
Maintain and improve remote access security and network segmentation policies
Active Directory & Identity Governance
Design and maintain Active Directory architecture and Group Policy standards
Develop tiered administrative access models and privileged access controls
Architect and deploy MFA across administrative and remote access systems
Design and document formal joiner/mover/leaver identity governance processes
Eliminate shared administrative accounts and implement secure role-based access controls
Vulnerability & Patch Management
Own vulnerability management and remediation programs using Qualys, Tenable, or equivalent tools
Define patching standards, remediation SLAs, and compliance reporting processes
Design and maintain formal patch management policies and operational procedures
Direct remediation priorities and provide technical guidance to the Junior Systems Administrator
Security Hardening & Compliance
Design and deploy enterprise security hardening standards using Group Policy Objects (GPOs)
Enforce organization-wide controls including:
SMB signing
Weak cipher removal
NLA enforcement for RDP
Lead SSL/TLS certificate lifecycle remediation and management initiatives
Improve endpoint, network, and identity security posture across the organization
Documentation & Policy Development
Write and maintain:
IT security policies
Infrastructure standards
Technical runbooks
Operational procedures
Develop core policies including:
Acceptable Use Policy
Password Policy
Access Control Policy
Provide clear technical documentation for both IT teams and business leadership
Leadership & Technical Direction
Provide technical leadership and operational guidance to the Junior Systems Administrator
Break down projects into actionable implementation tasks
Prioritize remediation initiatives and manage multiple concurrent infrastructure projects
Act as the primary technical escalation point for complex infrastructure and security issues
Required Qualifications
3–6 years of experience in network engineering, infrastructure engineering, or senior systems administration
Strong hands-on experience with Fortinet and Palo Alto firewall environments
Advanced knowledge of:
VLANs
VPNs
Active Directory
Group Policy
MFA implementation
Experience designing secure infrastructure and identity governance frameworks
Strong understanding of SSL/TLS, certificate lifecycle management, and security hardening
Experience with vulnerability management and patch governance programs
Strong technical documentation and policy writing skills
Ability to work independently across multiple sites and priorities
Nice-to-Have Skills
SIEM and centralized log management experience
Penetration testing coordination and remediation planning
Azure / Entra hybrid identity environments
Managed Detection & Response (MDR) vendor experience
Power Shell scripting and automation
Virtualization and cloud infrastructure exposure
Preferred Certifications
Palo Alto PCNSA or PCNSE
Fortinet NSE 4 or higher
CompTIA Security+
Microsoft AZ-500 or SC-200
Soft Skills & Culture Fit
Strong written and verbal communication skills
Highly organized and detail-oriented
Responsive and dependable while working remotely or across multiple…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×