Network & Security Specialist
We are seeking a hands-on Network & Security Specialist to join our team. The primary focus of this role is the execution of Low-Level Designs (LLD) for enterprise environments & Carry out POC and POV. You will be responsible for the configuration, deployment, and migration of multi-vendor security infrastructure, specifically focusing on Cisco, Fortinet, and Palo Alto Networks.
Experience: 5+ years of total experience in Network Engineering, with a minimum of 3 years dedicated to implementation projects (Post-Sales).
Key Responsibilities:
- Multi-Vendor Configuration: Perform end-to-end configuration of network security hardware and virtual appliances:
- Cisco: ISR/ASR routers, Catalyst/Nexus switches, ISE (NAC), and Firepower (FMC/FTD).
- Fortinet: FortiGate NGFWs (HA Clusters, VDOMs), FortiManager, and FortiAnalyzer.
- Palo Alto: Strata NGFWs, Panorama management, and GlobalProtect VPNs.
- Migrations: Execute complex firewall migrations (e.g., Legacy to NGFW) using tools like Expedition or Forti Converter, ensuring rule-base optimization and zero business disruption.
- Secure Connectivity: Configure and troubleshoot complex VPN environments, including IPsec Site-to-Site, DMVPN, SD-WAN overlays, and Remote Access (SSL/TLS).
- Segmentation: Implement network segmentation strategies (VLANs, VRFs, TrustSec) and Zero Trust security zones.
- Documentation & Testing
- Low-Level Design (LLD): Validate HLDs and produce detailed LLDs, including IP addressing schemas, interface mappings, and routing policies.
- As-Built Documentation: Create comprehensive post-implementation documentation, including Visio topology diagrams, rack layouts, and cable matrices.
- Testing & Handover: Conduct User Acceptance Testing (UAT) and write Network Ready for Use (NRFU) reports to ensure smooth handover to the Operations/Support teams.
- Compliance & Best Practices
- Hardening: Apply industry-standard hardening configurations (CIS Benchmarks, Vendor Best Practices) to all devices before production cutover.
- Policy Optimization: Ensure all firewall policies utilize strict App-ID, User-ID, and Security Profiles (IPS, AV, Web Filtering) rather than legacy port-based rules.
Required Qualifications & Skills:
| Technology | Required Proficiency |
| Cisco Systems | Routing/Switching: OSPF, BGP, MPLS, VXLAN.
Security: Cisco ISE (Dot1x, MAB, Profiling), Firepower Threat Defense. |
| Palo Alto Networks | NGFW: App-ID, User-ID, Decryption (SSL Forward Proxy), Zone Protection.
Management: Panorama (Templates, Device Groups). |
| Fortinet | Security Fabric: FortiGate, FortiManager, FortiAnalyzer, SD-WAN implementation. |
| General Networking | Deep understanding of TCP/IP, Subnetting, DNS, DHCP, and Packet Analysis (Wireshark). |
Education & Certifications:
- Bachelor’s degree in Computer Science, Information Technology, or Engineering.
- Professional Certifications: (Minimum of two required)
- Cisco: CCNP Security or CCNP Enterprise.
- Palo Alto: PCNSE (Palo Alto Networks Certified Network Security Engineer).
- Fortinet: NSE 4 (Network Security Professional) or NSE 7 and NSE 8 (Network Security Architect).
Core Competencies
- Problem Solving: Ability to troubleshoot complex connectivity issues (MTU, Asymmetric Routing, NAT) under pressure during maintenance windows.
- Communication: Strong technical writing skills for documentation and professional verbal communication for client-facing engagements.
- Autonomy: Capable of working independently on client sites with minimal supervision.
Driving License:
Required
Languages:
Bilingual (Arab Speakers Preferred)
Apply for this position:
To apply for this position kindly email your resume at: suhad@alpha.ae