Network Segmentation Engineer - Security Focus

United States, New York
Job ID: 2139

Job Description

[c. $175-250k Comp Package | Flexible Working Needed - see below]

Our client, a leading investment management firm, is looking for a skilled Network Segmentation Security Specialist to join their Information Security team. The ideal candidate will have a strong background in network security fundamentals, with a focus on network segmentation and zero trust tools and strategies.

Key Responsibilities:

  • Design, implement, manage, and maintain the network segmentation solution
  • Collaborate with engineering and application development teams to ensure alignment on network segmentation requirements
  • Independently and collaboratively troubleshoot and resolve escalated issues
  • Provide technical training and guidance to Tier I & II Technicians
  • Work with Networking Engineering and Operations teams on the global network segmentation strategy, offering insights on security architecture
  • Manage and configure network security platforms (firewalls, IDS/IPS, WAF, DDoS) to align with industry best practices
  • Ensure secure integration of cloud services (AWS, Azure, GCP), implementing network segmentation security controls
  • Perform risk assessments of applications to identify network security vulnerabilities and propose remediation plans
  • Create documentation and train colleagues on network segmentation best practices and policies

Key Requirements:

  • Bachelor's degree in Computer Science, Information Security, related field, or equivalent industry experience
  • 3-5 years of experience as a network security engineer or architect
  • Deep understanding of network segmentation, including micro segmentation and zero trust architecture using tools like Illumio, Guardicore, Zero Networks, NSX-T, Cisco ACI, and Unisys Stealth
  • Hands-on experience with network security architectures and products, such as firewalls (Palo Alto Networks), intrusion detection and prevention systems (IDS/IPS), and SIEM (Splunk) platforms
  • Familiarity with Secure Access Service Edge (SASE) and Cloud Access Security Broker (CASB) architectures
  • Strong communication skills, with the ability to convey technical concepts to non-technical audiences
  • Ability to analyse network traffic, identify security threats, propose effective solutions, and provide strategic direction
  • Willingness to participate in 24/7 on-call rotation as needed


Apply for this role

All fields marked with * are required.

I confirm I have a pre-existing Right to Work in this location *

Back to Job Listings