New Millenium Consulting
Network Security Engineer
Location: New York, NY (Hybrid – 3 days onsite). Job type: Contract W-2 (Sponsorship offered). Must have financial services industry experience. A global bank is seeking a Network Security Engineer to join their New York office. The Network Security Engineer must have hands‑on experience in network security management and lead the design and administration of network security infrastructure, focusing on critical components such as DNS, F5 Load Balancers, Fortinet and Palo Alto firewalls, VPNs, proxies, Remote Access, and DMZ connectivity. Extensive experience managing Cisco Firepower, Fortinet and Palo Alto firewalls, including DMZ design implementation, is required. Responsibilities
Lead the design and administration of network security infrastructure, focusing on critical components including DNS, F5 Load Balancers, Fortinet and Palo Alto firewalls, VPNs, proxies, Remote Access and DMZ connectivity. Drive technology projects aimed at enhancing cybersecurity and improving network performance in alignment with organizational goals. Ensure optimal network performance through continuous monitoring and prompt incident response. Maintain comprehensive documentation, including network security asset inventories, diagrams, procedures and vendor contacts. Collaborate with infrastructure teams to resolve network‑related challenges and ensure seamless operations across departments. Work closely with audit and IT Security teams to provide necessary documentation and implement remediation plans as required. Mentor and train junior engineering staff, fostering a culture of growth and skill development within the network team. Conduct vulnerability assessments and manage patching processes to mitigate and report security risks across the AMER region. Develop and deliver regular security reports to Leadership, highlighting key metrics, incidents and trends. Utilize security tools such as SIEM, Splunk, Centreon and Qualys for effective monitoring and incident response. Skills
Extensive understanding of network technologies – L2, L3, VXLAN, BGP, LAN/WAN/VPN Extensive understanding of security technologies such as firewall, load balancing, proxy, authentication methods Strong knowledge of DNS/DHCPWSG (Web Security Gateways), Proxy‑pac scripting Troubleshooting knowledge of network and security systems with minimal guidance OSI Layer 4 and Layer 7 protocol analysis and troubleshooting experience Strong understanding of Zero Trust Architecture and Network Access Control design for enterprise network infrastructure Knowledge of Arista and Cisco design, configuration and automation (definite plus) Knowledge of scripting languages such as Python, PowerShell or Ansible; Ansible scripting is a plus Education & Experience
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field; Master’s preferred. 8+ years of hands‑on experience in network security management, preferably within the financial services industry. Extensive experience managing Cisco Firepower, Fortinet and Palo Alto firewalls, including DMZ design implementation. Certifications
Relevant certifications such as Fortinet NSE 4/5, Palo Alto Networks Certified Network Security Engineer (PCNSE), Cisco CCNP Enterprise and CCNP Security are a plus. Highly desirable CISSP, CISM.
#J-18808-Ljbffr
Location: New York, NY (Hybrid – 3 days onsite). Job type: Contract W-2 (Sponsorship offered). Must have financial services industry experience. A global bank is seeking a Network Security Engineer to join their New York office. The Network Security Engineer must have hands‑on experience in network security management and lead the design and administration of network security infrastructure, focusing on critical components such as DNS, F5 Load Balancers, Fortinet and Palo Alto firewalls, VPNs, proxies, Remote Access, and DMZ connectivity. Extensive experience managing Cisco Firepower, Fortinet and Palo Alto firewalls, including DMZ design implementation, is required. Responsibilities
Lead the design and administration of network security infrastructure, focusing on critical components including DNS, F5 Load Balancers, Fortinet and Palo Alto firewalls, VPNs, proxies, Remote Access and DMZ connectivity. Drive technology projects aimed at enhancing cybersecurity and improving network performance in alignment with organizational goals. Ensure optimal network performance through continuous monitoring and prompt incident response. Maintain comprehensive documentation, including network security asset inventories, diagrams, procedures and vendor contacts. Collaborate with infrastructure teams to resolve network‑related challenges and ensure seamless operations across departments. Work closely with audit and IT Security teams to provide necessary documentation and implement remediation plans as required. Mentor and train junior engineering staff, fostering a culture of growth and skill development within the network team. Conduct vulnerability assessments and manage patching processes to mitigate and report security risks across the AMER region. Develop and deliver regular security reports to Leadership, highlighting key metrics, incidents and trends. Utilize security tools such as SIEM, Splunk, Centreon and Qualys for effective monitoring and incident response. Skills
Extensive understanding of network technologies – L2, L3, VXLAN, BGP, LAN/WAN/VPN Extensive understanding of security technologies such as firewall, load balancing, proxy, authentication methods Strong knowledge of DNS/DHCPWSG (Web Security Gateways), Proxy‑pac scripting Troubleshooting knowledge of network and security systems with minimal guidance OSI Layer 4 and Layer 7 protocol analysis and troubleshooting experience Strong understanding of Zero Trust Architecture and Network Access Control design for enterprise network infrastructure Knowledge of Arista and Cisco design, configuration and automation (definite plus) Knowledge of scripting languages such as Python, PowerShell or Ansible; Ansible scripting is a plus Education & Experience
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field; Master’s preferred. 8+ years of hands‑on experience in network security management, preferably within the financial services industry. Extensive experience managing Cisco Firepower, Fortinet and Palo Alto firewalls, including DMZ design implementation. Certifications
Relevant certifications such as Fortinet NSE 4/5, Palo Alto Networks Certified Network Security Engineer (PCNSE), Cisco CCNP Enterprise and CCNP Security are a plus. Highly desirable CISSP, CISM.
#J-18808-Ljbffr