Prudent Technologies and Consulting, Inc. is seeking a skilled Network Security Engineer to design, deploy, and operate enterprise security architectures across network, cloud, and security operations environments. The role focuses on Security Service Edge (SSE), Zero Trust architecture, SIEM engineering, and vulnerability management, ensuring scalable, resilient, and well-integrated security operations capabilities.
Responsibilities:
- Design and implement SSE and Zero Trust Network Access (ZTNA) solutions
- Configure and manage Secure Web Gateways (SWG)
- VPN (IPSEC/SSL) architectures
- Endpoint agent policies and controls
- Lead user migration to cloud-native security platforms such as Prisma Access, Netskope, or Zscaler
- Optimize access policies aligned to Zero Trust principles (least privilege, segmentation, identity-based access)
- Architect, deploy, and optimize Security Information and Event Management (SIEM) platforms (e.g., Splunk)
- Perform log/data onboarding and normalization (Common Information Model)
- Development of correlation rules and detection use cases
- Integrate SIEM with ticketing/workflow systems
- Enhance detection coverage and reduce false positives through tuning and analytics optimization
- Design and operate enterprise vulnerability management programs
- Configure and optimize scanning tools (e.g., Qualys, Tenable)
- Deliver vulnerability remediation insights
- As-built documentation and operational playbooks
- Design and configure multi-vendor firewall architectures, including Palo Alto Networks NGFW, Zscaler SASE, Check Point, Cisco NGFW / Firepower, Fortinet and Juniper platforms
- Implement secure connectivity: IPSEC tunnels, SSL VPN
- Support identity integration (Active Directory, SAML)
- Support secure application access controls
- Provide hands-on operational support and consulting
- Support security operations teams with incident triage enhancements
- Platform troubleshooting and performance tuning
Requirements:
- Hands-on experience in SSE / Zero Trust platforms (Prisma Access, Netskope, Zscaler)
- SIEM engineering and security analytics (Splunk preferred)
- Strong networking and security knowledge: VPNs (IPSEC & SSL)
- Firewalls and network segmentation
- Identity and access integration (AD, SAML)
- SIEM: Splunk Enterprise Security (or equivalent)
- Vulnerability tools: Qualys VM
- Tenable.sc
- Network security: Multi-vendor firewall configurations
- Monitoring and analysis tools
- Strong engineering mindset with hands-on troubleshooting capability
- Ability to bridge architecture and operations (build vs run)
- Strong documentation skills (design docs, runbooks, as-built artifacts)
- Effective collaboration with SOC, network, and cloud teams
- High attention to detail and problem-solving approach
- Experience integrating SIEM with external platforms (ticketing, threat intel)
- Exposure to scripting/automation for security operations workflows
- Configuration optimization
- CISSP (ISC²)
- CompTIA Security+
- Palo Alto PCNSE
- Fortinet NSE 4
- Relevant cloud/security certifications