Nesco Resource
Join the vanguard of technological innovation in the financial epicenter of New York City as a Senior Network Security Engineer.
Overview:
We're seeking a Senior Network Security Engineer
to lead the design, implementation, and oversight of enterprise network security infrastructure across a global financial environment. This role combines hands-on engineering expertise, strategic leadership, and collaboration across cybersecurity, infrastructure, and compliance teams to ensure a resilient, secure, and high-performing network.
Key Responsibilities:
Infrastructure Oversight:
Lead the design, administration, and optimization of network security infrastructure, including DNS, F5 Load Balancers, Fortinet and Palo Alto firewalls, VPNs, proxies, remote access, and DMZ connectivity.
Technology Initiatives:
Drive network and cybersecurity projects that enhance performance, reliability, and compliance with enterprise security objectives.
Continuous Monitoring:
Maintain network stability through proactive monitoring, dashboard development, and rapid response to incidents or performance issues.
Documentation & Governance:
Maintain detailed network documentation, including diagrams, inventories, procedures, and vendor contact records, to support efficient operations and audits.
Cross-Team Collaboration:
Partner with global infrastructure, cybersecurity, and compliance teams to resolve network challenges and align with organizational strategies.
Audit & Security Coordination:
Provide documentation and implement remediation actions based on internal audits, risk assessments, or external security reviews.
Mentorship & Development:
Mentor junior network and security engineers, fostering technical growth and a culture of knowledge sharing.
Vulnerability Management:
Conduct vulnerability assessments, manage patching processes, and report on risk remediation progress.
Security Reporting:
Produce executive-level reports summarizing security metrics, incidents, and emerging trends to inform leadership decisions.
First Line of Defense (LOD1):
Maintain and manage LOD1 network security controls and requests as defined by IT Risk and Compliance frameworks.
Strategy Alignment:
Ensure network and security strategy alignment across regional and global teams.
Tool Proficiency:
Utilize SIEM, Splunk, Centreon, Qualys, or similar tools for network visibility, event analysis, and incident response.
Required Skills & Experience:
Deep understanding of
network technologies
— L2, L3, VXLAN, BGP, LAN/WAN/VPN.
Strong expertise in
security technologies
including firewalls, load balancers, proxies, and authentication frameworks.
In-depth knowledge of
DNS, DHCP, WSG (Web Security Gateways) , and
proxy Client scripting .
Proven ability to
troubleshoot network and security issues
independently.
Experience analyzing
OSI Layer 4 and Layer 7
protocols.
Excellent written and verbal communication, with the ability to translate technical details into business terms.
Working knowledge of
Zero Trust Architecture
and
Network Access Control (NAC)
design principles.
Experience with
Cisco and Arista
networking solutions, including automation capabilities.
Scripting experience with
Python, PowerShell, or Ansible
(Ansible automation a strong plus).
Familiarity with
microsegmentation technologies
(e.g., Illumio, VMware NSX) is advantageous.
Highly organized, self-driven, and adaptable to a dynamic, fast-paced environment.
Demonstrated ownership of tasks, from planning through completion.
Qualifications:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field (Master's preferred).
8+ years of hands-on experience in
network security engineering or management , ideally within the financial industry.
Extensive experience managing
Cisco Firepower, Fortinet, and Palo Alto
firewalls and DMZ implementations.
Relevant certifications preferred:
Fortinet NSE 4/5 ,
Palo Alto PCNSE ,
Cisco CCNP Enterprise/Security , with strong consideration for
CISSP
or
CISM .
Proven
project management and leadership
experience, with strong communication and collaboration skills. #LI-DH2
Nesco Resource offers a comprehensive benefits package for our associates, which includes a MEC (Minimum Essential Coverage) plan that encompasses Medical, Vision, Dental, 401K, and EAP (Employee Assistance Program) services. Nesco Resource provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
#J-18808-Ljbffr
to lead the design, implementation, and oversight of enterprise network security infrastructure across a global financial environment. This role combines hands-on engineering expertise, strategic leadership, and collaboration across cybersecurity, infrastructure, and compliance teams to ensure a resilient, secure, and high-performing network.
Key Responsibilities:
Infrastructure Oversight:
Lead the design, administration, and optimization of network security infrastructure, including DNS, F5 Load Balancers, Fortinet and Palo Alto firewalls, VPNs, proxies, remote access, and DMZ connectivity.
Technology Initiatives:
Drive network and cybersecurity projects that enhance performance, reliability, and compliance with enterprise security objectives.
Continuous Monitoring:
Maintain network stability through proactive monitoring, dashboard development, and rapid response to incidents or performance issues.
Documentation & Governance:
Maintain detailed network documentation, including diagrams, inventories, procedures, and vendor contact records, to support efficient operations and audits.
Cross-Team Collaboration:
Partner with global infrastructure, cybersecurity, and compliance teams to resolve network challenges and align with organizational strategies.
Audit & Security Coordination:
Provide documentation and implement remediation actions based on internal audits, risk assessments, or external security reviews.
Mentorship & Development:
Mentor junior network and security engineers, fostering technical growth and a culture of knowledge sharing.
Vulnerability Management:
Conduct vulnerability assessments, manage patching processes, and report on risk remediation progress.
Security Reporting:
Produce executive-level reports summarizing security metrics, incidents, and emerging trends to inform leadership decisions.
First Line of Defense (LOD1):
Maintain and manage LOD1 network security controls and requests as defined by IT Risk and Compliance frameworks.
Strategy Alignment:
Ensure network and security strategy alignment across regional and global teams.
Tool Proficiency:
Utilize SIEM, Splunk, Centreon, Qualys, or similar tools for network visibility, event analysis, and incident response.
Required Skills & Experience:
Deep understanding of
network technologies
— L2, L3, VXLAN, BGP, LAN/WAN/VPN.
Strong expertise in
security technologies
including firewalls, load balancers, proxies, and authentication frameworks.
In-depth knowledge of
DNS, DHCP, WSG (Web Security Gateways) , and
proxy Client scripting .
Proven ability to
troubleshoot network and security issues
independently.
Experience analyzing
OSI Layer 4 and Layer 7
protocols.
Excellent written and verbal communication, with the ability to translate technical details into business terms.
Working knowledge of
Zero Trust Architecture
and
Network Access Control (NAC)
design principles.
Experience with
Cisco and Arista
networking solutions, including automation capabilities.
Scripting experience with
Python, PowerShell, or Ansible
(Ansible automation a strong plus).
Familiarity with
microsegmentation technologies
(e.g., Illumio, VMware NSX) is advantageous.
Highly organized, self-driven, and adaptable to a dynamic, fast-paced environment.
Demonstrated ownership of tasks, from planning through completion.
Qualifications:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field (Master's preferred).
8+ years of hands-on experience in
network security engineering or management , ideally within the financial industry.
Extensive experience managing
Cisco Firepower, Fortinet, and Palo Alto
firewalls and DMZ implementations.
Relevant certifications preferred:
Fortinet NSE 4/5 ,
Palo Alto PCNSE ,
Cisco CCNP Enterprise/Security , with strong consideration for
CISSP
or
CISM .
Proven
project management and leadership
experience, with strong communication and collaboration skills. #LI-DH2
Nesco Resource offers a comprehensive benefits package for our associates, which includes a MEC (Minimum Essential Coverage) plan that encompasses Medical, Vision, Dental, 401K, and EAP (Employee Assistance Program) services. Nesco Resource provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
#J-18808-Ljbffr