We are seeking an experienced Network Security Engineer with deep expertise in firewalls. This role will focus heavily on the deployment, management, tuning, and day-to-day operations of enterprise firewalls, while also providing expert-level leadership across VPN technologies, SASE architecture, and Network Access Control (NAC) solutions. The engineer will design, implement, and optimize network security controls and play a key role in driving broader security operations, incident response, and security program maturity across the organization
Key Responsibilities:- Deploy, configure, manage, and tune enterprise firewall platforms to support secure and reliable network operations.
- Lead day-to-day firewall administration, including policy management, rule reviews, logging, monitoring, and performance optimization.
- Design, implement, and maintain VPN, SASE, and Network Access Control solutions to strengthen enterprise network security.
- Support security operations and incident response activities by investigating alerts, analyzing traffic patterns, and recommending containment or remediation actions.
- Partner with infrastructure, network, and security teams to improve security controls, reduce risk, and advance overall security program maturity.
Key Skills:- Strong hands-on experience with enterprise firewalls, including policy design, troubleshooting, tuning, and lifecycle management.
- Deep knowledge of network security technologies such as VPN, SASE, NAC, and related access control concepts.
- Solid understanding of network protocols, routing, segmentation, and traffic analysis in enterprise environments.
- Ability to analyze security logs, identify threats or misconfigurations, and support incident investigation and response.
- Effective collaboration and communication skills with the ability to work across technical teams and influence security best practices.
- Experience with firewall rule governance, including rule recertification, cleanup, and least-privilege access design.
- Knowledge of security monitoring tools and log analysis platforms used to detect and respond to network threats.
- Ability to document network security designs, procedures, and standards clearly for technical and non-technical audiences.
- Familiarity with vulnerability management and how network security controls support risk reduction efforts.
- Strong problem-solving skills with the ability to troubleshoot complex connectivity and security issues under pressure.
Application window is anticipated to close 14 days from original posting date.
This information is provided in compliance with the Colorado Equal Pay for Equal Work Act and is the company's good faith and reasonable estimate of the compensation range and benefits offered for this position. The compensation offered to the successful applicant may vary based on factors including experience, skills, education, location, and other job-related reasons.
This position requires use of information which is subject to the International Traffic in Arms Regulations (ITAR) and/or the Export Administration Regulations (EAR). All applicants must be U.S. Persons within the meaning of the ITAR and EAR, or eligible to obtain all required authorizations from the U.S. Department of State and/or the U.S. Department of Commerce. The ITAR defines a U.S. Person as a U.S. citizen or national, lawful permanent resident (i.e., 'Green Card holder'), or a protected person (e.g., asylee, or refugee).
#LI-Hybrid