Information Security Operations Specialist

Beanfield Metroconnect

$75K — $95K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 3-5 years of hands-on experience in Information Security Operations and Network Security Engineering.
  • Extensive experience with enterprise network engineering, focusing on routing and switching protocols.
  • Proven track record with enterprise-grade Next-Gen Firewalls in high-availability environments.
  • Strong knowledge of secure remote access technologies like IPsec and SSL-VPN.
  • Excellent analytical abilities under pressure, particularly during security incidents.
  • Scripting knowledge in Python, PowerShell, or Bash for automation tasks.
  • Familiarity with compliance frameworks such as NIST and ISO 27001.

Responsibilities

  • Manage the lifecycle of Next-Generation Firewalls and Web Application Firewalls.
  • Design and audit firewall rule bases ensuring adherence to least privilege principles.
  • Optimize Intrusion Detection and Prevention Systems and related features.
  • Lead response and recovery efforts during security incidents.
  • Perform deep-packet analysis to investigate network anomalies.
  • Conduct regular vulnerability scans and ensure compliance with security baselines.
  • Author documentation and automate routine security tasks.

Benefits

  • Values-driven culture prioritizing people and collaboration.
  • Comprehensive total rewards package including health and spending accounts.
  • Five additional personal care days for work-life balance.

Full Job Description

The Role

The Information Security Operations Specialist is responsible for the day-to-day engineering, administration, and monitoring of the enterprise security infrastructure, with a specialized focus on perimeter defense and firewall management. Leveraging a strong foundational background in network engineering, you will serve as the primary technical hands-on expert for Next-Generation Firewalls (NGFW), intrusion prevention systems, and secure remote access.

This role operates at an advanced operational level, ensuring security systems are optimally configured, actively monitored, and resilient against evolving cyber threats. The candidate will monitor security alerts, manage complex rule sets, troubleshoot network security issues, and act as a primary technical responder during security incidents.

What You'll Do

Firewall Engineering & Perimeter Defense
  • Manage the full lifecycle of enterprise Next-Generation Firewalls (NGFW) and Web Application Firewalls (WAF), including deployment, configuration, routine patching, and firmware upgrades.
  • Design, implement, and audit firewall rule bases and access control lists (ACLs) ensuring strict adherence to the principle of least privilege.
  • Optimize and maintain Intrusion Detection and Prevention Systems (IDS/IPS), URL filtering, and Advanced Threat Protection features on perimeter devices.
  • Manage secure remote access systems, including site-to-site IPsec VPNs, client VPNs, and Zero Trust Network Access (ZTNA) gateways.

Incident Response & Security Monitoring
  • Monitor and respond to security alerts generated by the various security and network monitoring tools.
  • Lead technical containment, eradication, and recovery efforts during network-centric security incidents.
  • Perform deep-packet analysis and log correlation to investigate suspicious network traffic, connectivity anomalies, or potential data exfiltration attempts.
  • Conduct post-incident reviews to identify gaps in visibility or containment capabilities and implement remediation steps in the firewall or security stack.

Operational Network Support & Troubleshooting
  • Diagnose and resolve complex connectivity and routing issues where network traffic intersects with security controls.
  • Collaborate closely with the Network Engineering team to ensure seamless integration of security platforms with core routing, switching, and wireless infrastructures (LAN/WAN, SD-WAN).
  • Support network segmentation initiatives by creating, testing, and enforcing security zones across on-prem and cloud environments.

Vulnerability Management & Infrastructure Hardening
  • Conduct regular vulnerability scans of network appliances, firewalls, and boundary devices; coordinate and validate the application of security patches.
  • Perform continuous configuration compliance checks against established security baselines (e.g., CIS Benchmarks).
  • Participate in threat modeling exercises to identify operational weaknesses in the current network security posture and actively deploy countermeasures.

Documentation, Reporting & Automation
  • Author, update, and maintain detailed operational runbooks, network security diagrams, and firewall change management documentation.
  • Develop scripts (e.g., Python, PowerShell, or Bash) to automate routine security operations tasks, rule audits, or alert responses.
  • Generate weekly and monthly operational reports and metrics for IT leadership, tracking firewall performance, blocked threats, and incident response efficacy, aligned with operational, security, and management requirements.

Operational Support and Process Design
  • Identify operational risks resulting from technology, process, and procedure shortcomings, and lead efforts to address these issues.
  • Define technical and operational standards to guide delivery of network and security services to the organization.
  • Serve as the escalation point for complex operational issues, leading the delivery of a suitable and repeatable solution.


What You Bring
  • 3-5 years of progressive, hands-on experience in Information Security Operations (SecOps) and Network Security Engineering.
  • Extensive prior experience in enterprise network engineering (routing, switching, protocols like BGP/OSPF, VLANs, and NAT), utilizing this knowledge to troubleshoot network security traffic flows.
  • Proven track record administering enterprise-grade Next-Gen Firewalls (e.g., Palo Alto, Fortinet, Cisco Secure Firewall) in high-availability environments.
  • Strong working knowledge of secure remote access technologies (IPsec, SSL-VPN, SASE).
  • Excellent analytical skills with the ability to remain calm and methodical during high-pressure security incidents.
  • 5+ years of experience in one or more of: Network Operations, Security Operations, IT Operations, Security Incident Response.
  • Hands-on experience with Fortinet products and technologies.
  • Scripting knowledge (Python, PowerShell, Bash) for security automation.
  • Exposure to network planning, design, and governance, risk & compliance.
  • Experience with ITIL-based Incident and Problem Management.
  • Familiarity with compliance frameworks (NIST, CIS-CSC, SOC 2, ISO 27001).
  • Preferred certifications, such as CISSP (Certified Information Systems Security Professional), CEH (Certified Ethical Hacker), CompTIA Security+, or ITIL v4 Foundations.


Additional Requirements
  • Availability to participate in on-call rotation for security incidents, including after-hours work during critical events.


What's in it for you
  • A united, values-driven culture that genuinely cares about people, collaboration, and community.
  • A comprehensive total rewards package, including Traditional Spending Account (TSA) and Health Care Spending Account (HCSA) coverage to support your physical, mental, and financial well-being.
  • An additional five (5) personal care days, giving you extra flexibility to recharge, reset, or take care of what matters most.
