Network Security Engineer

Description:

Key Responsibilities
• Configure, tune, and manage Snort v2 and Snort v3 IDS/IPS systems.
• Manage and operate Cisco Firepower and Cisco IPS/IDS solutions.
• Analyze network traffic, security logs, and packet captures to detect and respond to threats.
• Design and maintain detailed network maps and security architecture documentation.
• Collaborate with SOC analysts, security engineers, and customers to define security requirements and solutions.
• Interface with customers professionally and present technical information to both technical and non-technical audiences.
• Manage and maintain the security posture of the IPS platforms themselves, including regular patching, configuration reviews, and vulnerability mitigation.
• Work closely with Red Team and Blue Team engineers to enhance and optimize detection signatures and rule sets based on findings from threat hunts, threat intelligence, and adversary simulations.
• Evaluate and integrate new threat detection technologies.
• Perform regular rule tuning and optimization of detection systems to reduce false positives.
• Maintain documentation and adhere to change control and incident response procedures.
Required Skills and Qualifications
• Minimum 8+ years of experience in network security engineering roles.
• Expert-level experience with Snort v2 and v3, including rule creation and tuning.
• Strong hands-on experience with Cisco IPS/IDS and Firepower Management Center.
• Excellent understanding of network protocols, architecture, and security principles.
• Ability to draw and maintain network and security architecture diagrams (using tools like Visio, Lucidchart, etc.).
• Strong experience with packet analysis tools such as Wireshark, tcpdump.
• Familiarity with security operations and SIEM platforms (Splunk, QRadar, etc.).
• Excellent written and verbal communication skills; capable of interfacing with customers and stakeholders at all levels.