Key skills
Enterprise networkingRoutingSwitchingTCP/IPDNSVPN technologiesNetwork segmentationSecure remote access technologiesNext-generation firewallsSecure web gatewaysWeb application firewallZero-trust security platformsFirewall policy managementNATIPS/IDSBGP routing protocolWeb certificatesPKITLS/SSL encryptionCertificate lifecycle managementLAN/WAN designVLAN implementationHybrid cloud networkingPacket captureTraffic analysisCentralized loggingSIEMSecurity monitoringAlertingLog analysisVulnerability managementSecurity assessment toolsMonitoring and observability platformsVMware NSX-TSoftware-defined networkingAILeadershipCommunicationNetwork SecurityCloud SecurityWAFFirewall
About this role
SimSpace is an AI Proving Ground that enables organizations to train, test, and outmaneuver adversaries in any environment. The Senior Network Security Engineer is responsible for the design, implementation, monitoring, maintenance, and security of enterprise network infrastructure and security platforms, serving as a technical resource and subject matter expert in network and security operations.
Responsibilities:
- Act as the subject matter expert for SimSpace network and network security infrastructure
- Design, implement, support, and secure enterprise network infrastructure and software-defined networking solutions
- Configure and maintain complex VMware environments leveraging NSX-T, DVS, and software-defined networking technologies
- Contribute to the design and implementation of resilient, secure, and scalable network architectures
- Configure and troubleshoot virtual networking, VLANs, VRFs, traffic forwarding, and hybrid cloud connectivity
- Troubleshoot all levels of network connectivity issues including, but not limited to, network outages, switch failures, network performance, network interface card (NIC), cabling, TCP/IP configuration, etc
- Manage and optimize secure web access technologies including content filtering, secure web proxy, SSL inspection, DLP, and zero-trust remote access platforms
- Administer next-generation firewall infrastructure, including firewall policies, ACLs, NAT, IPS/IDS, VPNs, routing, segmentation, and high-availability configurations
- Manage web application firewall (WAF) and edge security technologies, including rulesets, custom protections, bot mitigation, and application-layer threat prevention
- Perform troubleshooting of complex network and security incidents, including outages, performance issues, routing failures, VPN issues, and security events
- Assist in vulnerability management activities for network and security infrastructure, including performing web application vulnerability assessments using DAST tools, coordinating remediation efforts, and validating corrective actions
- Monitor network and security infrastructure performance and execute corrective actions as needed
- Support centralized logging, security monitoring, alerting, and threat analysis activities across network and security platforms
- Assess existing network and security technologies to identify opportunities for modernization, improved security posture, and operational efficiency
- Maintain documentation, standards, and operational procedures for network and security infrastructure
- Provide technical leadership, mentorship, and guidance to junior engineers and operational staff
- Participate in maintenance activities, infrastructure upgrades, and business-driven technology projects
Requirements:
- 8+ years of network engineering experience
- 5+ years of hands-on network security or security infrastructure experience
- Strong understanding of enterprise networking concepts, protocols, and infrastructure design
- Strong knowledge of routing, switching, TCP/IP, DNS, VPNs, network segmentation, and secure remote access technologies
- Experience managing next-generation firewalls, secure web gateways, WAFs, and zero-trust security platforms
- Strong hands-on experience with firewall policy management, NAT, IPS/IDS, VPN technologies, and routing protocols including BGP
- Strong understanding of web certificates, PKI, TLS/SSL encryption, certificate lifecycle management, and troubleshooting certificate-related connectivity or inspection issues
- Experience with LAN/WAN design including IP allocations, segmentation, VLAN implementation, and hybrid cloud networking
- Proficiency with packet captures, traffic analysis, and network troubleshooting methodologies
- Experience with centralized logging, SIEM, security monitoring, alerting, and log analysis platforms to support threat detection and incident investigation
- Familiarity with vulnerability management and security assessment tools
- Experience with monitoring and observability platforms
- Ability to lead technical implementations, infrastructure upgrades, and operational initiatives
- Ability to quickly learn and adapt to new technologies and platforms
- Strong written and verbal communication skills
- Industry certifications such as CISSP, CCNP Security, GIAC, or equivalent
- Experience supporting cloud networking and cloud security platforms
- Experience supporting compliance frameworks such as SOC 2, ISO 27001, or CMMC
- Understanding of how to leverage AI and automation technologies to improve security operations, operational efficiency, threat analysis, and workflow optimization