Network Security Lead

Duration: 12 Months
Location: Remote Opportunity

The Network Security Lead is responsible for designing, implementing, and governing a global network security architecture across data centers, labs, offices, and cloud environments. This role combines deep engineering expertise with strategic leadership, driving architecture, automation, and operational excellence across a hybrid infrastructure.

The Network Security Lead will own the architecture and evolution of all network security domains—including core and lab networks, firewalls, on-premise proxies, and cloud connectivity—while leading and managing the Managed Service Provider (MSP) responsible for daily engineering, administration, and network analysis.

This role emphasizes AI-driven automation, leveraging machine learning and analytics to reduce manual effort and accelerate detection, response, and configuration management across the enterprise.

---

ESSENTIAL DUTIES & RESPONSIBILITIES

Architectural Leadership

• Design and maintain the global network security architecture, spanning:

  • Core corporate and data center networks

  • Lab network segmentation and lab firewalls

  • On-premise proxies and remote access gateways

  • Cloud security architecture (Azure, AWS, GCP), including hub-and-spoke and zero-trust models

• Define the long-term network security roadmap, balancing resilience, performance, and scalability.

• Develop secure reference architectures for Prisma Access SD-WAN, NGFW, Infoblox DNS/DHCP, and VPN platforms.

• Partner with Infrastructure, Network, Cloud, and InfoSec teams to ensure consistent policy enforcement and visibility across all network zones.

Operational Oversight & Vendor Management

• Lead and manage the MSP responsible for L2/L3 network security engineering, administration, and monitoring.

• Define performance metrics, escalation procedures, and automation goals for MSP-delivered services.

• Ensure adherence to SLAs and architectural standards through regular audits and technical reviews.

• Oversee incident response coordination for network-related security events and P1/P2 outages.

• Ensure completion (direct or delegated) of network security operational procedures, including firewall object management, certificate and license updates, session table maintenance, and troubleshooting error conditions.

• Oversee execution of SOP-defined network security tasks (e.g., AV updates, DR activities, firewall deployments, privileged access workflows), ensuring completeness and compliance through MSP and internal resources.

• Lead and optimize privileged access provisioning, external user onboarding, browser extension deployment, and OTP verification processes, ensuring alignment with SOPs and policy standards.

• Regularly review, update, and contribute to network security SOP documentation to ensure alignment with evolving enterprise requirements and new technologies.

Automation & AI Integration

• Implement AI and machine learning technologies to automate network telemetry analysis, anomaly detection, and response workflows.

• Reduce manual troubleshooting through AIOps, predictive analytics, and autonomous configuration management.

• Drive adoption of automated rule verification, configuration compliance, and zero-touch provisioning across the network security ecosystem.

Engineering & Governance

• Provide expert guidance on routing, switching, segmentation, encryption, and authentication frameworks.

• Develop and enforce network security policies and standards integrated with enterprise GRC systems.

• Review and approve firewall rules, access control lists, and proxy configurations.

• Conduct security architecture reviews for new projects and cloud integrations.

• Participate in quarterly business reviews (QBRs) and executive governance meetings to report on security posture, incidents, and improvement initiatives.

Mentorship & Collaboration

• Serve as a technical mentor to engineers across Infrastructure and InfoSec teams.

• Collaborate with the CISO, Cloud Security, and SOC leaders to align network and cyber defense strategy.

• Coordinate with compliance and audit teams to ensure evidence of network security control effectiveness.

Compliance & Audit Coordination

• Supply detailed technical evidence, logs, reports, and SOP documentation for internal and external audits.

• Facilitate audit comment tracking and periodic access verification activities per SOP guidance.

Platform & Product Expertise

• Maintain expertise in organization-specific network security platforms (e.g., Panorama, NP Extranet, aiSSD), browser integrations, and licensing schemes.

• Support operational SOPs while driving troubleshooting and integration improvements.

Incident Response & Troubleshooting

• Own and participate in root cause analysis, session table clearances, and remediation of nonfunctional errors.

• Demonstrate strong knowledge of day-to-day troubleshooting SOPs.

---

REQUIRED QUALIFICATIONS

Knowledge, Skills & Abilities

• Expertise in network and security architecture design, including:

  • NGFWs, VPNs, SD-WAN (Prisma Access), segmentation, proxies, and hybrid connectivity

  • Network automation frameworks (Ansible, Terraform, Python)

  • Routing and switching protocols (BGP, OSPF, EIGRP, VXLAN, MPLS)

  • DNS/DHCP/IPAM (Infoblox), SSL/TLS, PKI, SSO/SAML/OAuth

  • Cloud networking (Azure, AWS, GCP), including transit gateways, VPC/VNet security groups, and private endpoints

• Deep understanding of Zero Trust Network Architecture (ZTNA) and Secure Access Service Edge (SASE) models.

• Strong vendor management and MSP governance experience.

• Experience applying AI and automation in network operations, security analytics, and policy optimization.

• Excellent communication and leadership skills with the ability to translate technical strategy into business impact.

Education & Certifications

• Bachelor’s or Master’s degree in Computer Science, Computer Engineering, or a related technical discipline.

• 8+ years of experience in network security or infrastructure engineering.

• 3+ years of experience in architecture-level leadership or MSP oversight.

Preferred Certifications

• Cisco CCNP/CCIE Security

• Palo Alto PCNSE

• AWS Certified Advanced Networking or Azure Network Engineer Associate

• CISSP or equivalent cybersecurity certification

---

SUCCESS METRICS

• Delivery of an integrated global network security architecture supporting corporate and lab environments.

• Reduction in mean time to detect and respond (MTTD/MTTR) through AI-enabled automation.

• Demonstrated SLA compliance and operational maturity of MSP-delivered services.

• Consistent alignment with enterprise risk and governance frameworks.

 
 
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $ 65.00/hr.