About the RoleThe Network Security Engineer will join the US Solutions Delivery team, implementing and supporting enterprise firewall and network security solutions across customer environments. This is a hands-on, delivery-focused role centered on Cisco ASA and FTD platforms, and NGFW deployments. The engineer owns assigned workstreams end-to-end - from lab validation through production cutover - and works closely with architects, project managers, and customer stakeholders. The engineer should be US Citizen and willingness to travel is required.
Key ResponsibilitiesFirewall Deployment & Operations- Implement and configure enterprise firewall and network security solutions (NGFW/FTD, VPNs, NAT, NAC/ISE, SASE) in alignment with approved designs
- Manage and maintain firewall policies, including access rules, NAT, objects, zones, and security profiles following best practices
- Perform testing and validation of firewall rules and security configurations in lab or staging environments before production deployment
Migration & Troubleshooting - Support firewall migrations from Cisco ASA and third-party platforms to Cisco FTD
- Troubleshoot and resolve firewall and network security issues, including traffic drops, NAT issues, VPN failures, and routing/DNS/DHCP dependencies
- Identify and implement opportunities for optimization and automation, such as rule cleanup, standardization, and workflow improvements
Execution & Coordination - Collaborate with architects, senior engineers, and project managers to ensure accurate and timely solution delivery
- Participate in project sync-ups and technical discussions to understand requirements, scope, and deployment sequencing
- Take ownership of assigned tasks end-to-end, including escalation, root cause analysis (RCA), and issue resolution
Documentation & Continuous Improvement - Create and maintain comprehensive documentation, including firewall rules, network diagrams, VPN inventories, and operational runbooks
- Stay current on firewall platforms, SASE, Zero Trust, and network security practices, applying new learnings to day-to-day delivery work
Basic Qualifications- Candidate should be a US citizen.
- Bachelor's degree in computer science, Information Technology, Cybersecurity, or related field
- 5-7 years of experience in cybersecurity, with a strong focus on firewall design and implementation
- 4+ years of hands-on experience designing and implementing Cisco ASA and Cisco FTD firewall environments or any third-party firewalls such as Palo Alto/Fortinet/Checkpoint experience with limited Cisco Firewall experience.
- Proven expertise in troubleshooting firewall and VPN connectivity issues, including NAT, routing, and policy-related problems
- Good understanding of NGFW features such as malware protection, threat detection, URL filtering, SSL decryption, and Intrusion Prevention Systems (IPS); hands-on experience preferred
- Experience working with multi-instance firewall environments
- Strong understanding of core networking concepts: TCP/IP, DNS, DHCP, subnetting, NAT, VPNs, and routing/switching fundamentals
- Willingness to travel across the U.S. to support customer deployments and firewall rollouts.
Preferred Qualifications- CCNP Security certification or equivalent demonstrated expertise
- Experience with Cisco Secure Access, Umbrella, or XDR platforms.
- Knowledge of Zero trust/SASE implementations.
- Knowledge of Cisco ISE for NAC/802.1X integration alongside firewall deployments
- Experience with security automation and scripting (Python, Ansible, APIs)
- CISSP, GIAC, or other industry-recognized security certifications
- Familiarity with compliance frameworks (PCI-DSS, HIPAA, SOC 2, NIST)
- Prior experience in a consulting, professional services, or partner-led delivery model
Salary Range $90,000 - $140,000 USD + Benefits
This is a full-time role with Gruve. Please note that Gruve does not provide visa sponsorship for this position; candidates must be U.S. citizens or Green Card holders to apply. This is an on-site role based in Edison, New Jersey. 
