Customers Bank

Network Security Engineer

Customers Bank$90K — $120K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5+ years in network security engineering with firewall expertise.
  • 3+ years experience managing Palo Alto Networks next-gen firewalls.
  • Hands-on experience with Cisco ASA and Firepower for security.
  • Proficient in Cisco Identity Services Engine (ISE) for network access control.
  • Knowledgeable about VPN technologies and certificate-based authentication.
  • Familiar with network security protocols and micro-segmentation tactics.
  • Understanding of ITIL change management processes.

Responsibilities

  • Design and manage Palo Alto Networks next-gen firewalls.
  • Administer Cisco ASA and Firepower firewalls, focusing on access control.
  • Maintain VPN infrastructure for secure remote connectivity.
  • Support Cisco Catalyst SD-WAN environment security protocols.
  • Manage Cisco Umbrella for DNS-layer security.
  • Lead investigations into network-layer security incidents.
  • Collaborate with IT teams on security architecture improvements.
  • Document network security policies and operating procedures.

Benefits

  • Comprehensive medical, dental, and vision insurance options.
  • Retirement savings plan with company match.
  • Career development and continuing education support.
  • Flexible work schedules
  • Generous paid time off and holiday leave.
Full Job Description

Must be legally eligible to work in the United States without sponsorship, now or in the future, to be considered.

What You’ll Do:

As a Network Security Engineer at Customers Bank, you will be a key member of our IT Network team, responsible for designing, implementing, administering, and supporting our enterprise network security infrastructure. You will play a hands-on role in protecting the bank’s network perimeter, securing data flows, and enforcing security policies across our multi-site environment. This role requires deep hands-on expertise with Palo Alto Networks and Cisco firewall platforms, along with strong knowledge of network security principles, zero-trust architecture, VPN technologies, Cisco ISE, and SD-WAN security.

  • Design, deploy, and manage Palo Alto Networks next-generation firewalls (NGFWs), including security policies, NAT, App-ID, User-ID, Threat Prevention, URL Filtering, and WildFire across the enterprise and branch locations.
  • Administer and maintain Cisco ASA and Firepower (FTD) firewalls, managing access control policies, intrusion prevention, and platform lifecycle including upgrades and patching.
  • Manage and maintain VPN infrastructure, including Cisco AnyConnect/Secure Access remote access, as well as site-to-site IPSec tunnels, ensuring secure and reliable connectivity for remote users and branch offices.
  • Support and secure the Cisco Catalyst SD-WAN environment, including applying security policies, traffic segmentation, and ensuring encrypted transport across WAN fabrics.
  • Administer Cisco Umbrella/Secure Access DNS-layer security and web filtering policies, managing category-based controls, threat intelligence integrations, and reporting across the enterprise.
  • Able to lead investigation and response to network-layer security incidents, anomalies, and policy violations.
  • Participate in and lead change management activities in accordance with ITIL best practices, ensuring proper documentation, approvals, post-implementation reviews, and compliance with regulatory requirements.
  • Collaborate with the Information Security, Cloud, and Infrastructure teams to design and implement network segmentation, zero-trust controls, and security architecture improvements aligned to PCI-DSS, SOX, and NIST frameworks.
  • Work both independently and collaboratively across IT teams, vendors, and business stakeholders to deliver security projects, resolve incidents, and drive continuous improvement of the network security posture.
  • Maintain thorough documentation of firewall policies, network security architecture, runbooks, and standard operating procedures.

What Do You Need?

Technology Skills:

  • 5+ years of hands-on experience in network security engineering, with demonstrated expertise in enterprise firewall administration and network perimeter security (CCNP Security-level or equivalent experience).
  • 3+ years of hands-on experience with Palo Alto Networks NGFWs, including Panorama management, security policy design, and advanced threat prevention features (App-ID, User-ID, WildFire).
  • Solid hands-on experience with Cisco ASA and/or Firepower (FTD/FMC) – access control policies, IPS tuning, platform upgrades, and migration planning.
  • Strong working knowledge of Cisco ISE for NAC, 802.1X, RADIUS/TACACS+, device profiling, and guest access management.
  • Experience with VPN technologies including Cisco AnyConnect/Secure Access and IPSec site-to-site tunnels; understanding of certificate-based authentication and split tunneling design.
  • Solid understanding of core network security protocols and concepts including TCP/IP, BGP, EIGRP, ACLs, NAT, SSL/TLS inspection, and network segmentation/micro-segmentation.
  • Familiarity with Cisco Catalyst SD-WAN security capabilities, including application-aware policy enforcement, encrypted transport, and security service chain integration.
  • Experience with Cisco Umbrella/Secure Access or similar DNS-layer security and cloud-delivered security platforms; working knowledge of URL filtering, threat intelligence, and SaaS policy management.
  • Experience working within an ITIL-based change management process; comfortable authoring change requests, presenting to CAB, and performing post-implementation and after-action reviews.
  • Ability to work with the Microsoft Suite and Customers Bank’s internal collaboration and ticketing applications; familiarity with scripting (e.g., Python, Ansible) for firewall automation and policy management is a plus.

Preferred Qualifications:

  • Familiarity with security and compliance frameworks relevant to a regulated financial institution (e.g., PCI-DSS, SOX, NIST CSF, FFIEC); ability to translate regulatory requirements into technical security controls.
  • Palo Alto Networks certifications (PCNSE or equivalent) are preferred; Cisco security certifications (CCNP Security, CCIE Security) are also highly valued. A demonstrated track record carries equal weight to certifications.
  • ITIL Foundation certification or equivalent experience with change and incident management practices.
  • Experience with Microsoft Azure networking and cloud security, including Azure Firewall, NSGs, Virtual WAN, ExpressRoute, and integration with on-premises security infrastructure.

About Customers Bank

Customers Bank is a full-service bank that provides a range of financial products and services to individuals, businesses, and institutions. The bank offers checking and savings accounts, loans, mortgages, credit cards, and wealth management services, among others. Customers Bank operates through a network of branches and ATMs in several states, including Pennsylvania, New York, New Jersey, Rhode Island, Massachusetts, New Hampshire, and Illinois. The bank is known for its innovative digital banking solutions, such as its mobile app and online banking platform, which allow customers to manage their accounts and transactions from anywhere, anytime.
Learn more about Customers Bank
Size
1,200 employees
Industry

Similar Jobs

More Jobs at Customers Bank

More Information Technology Jobs

Find similar Network Security Engineer jobs: