Cybersecurity Infrastructure Engineer

Cybersecurity Infrastructure Engineer

Requirements

• Bachelor’s degree in Computer Science, Cyber Security, Information Systems, Telecommunications, or related technical field.
• 4 years of hands-on experience in a network security engineering or cybersecurity infrastructure role, with a strong understanding of network principles.
• CompTIA Security+ certification or equivalent industry-recognized security certification.

Responsibilities

• Design, develop, and maintain scripts and tools to automate the configuration, deployment, and management of a large number of physical and virtual firewalls and network infrastructure devices across multiple data centers, significantly improving efficiency and consistency.
• Propose, design, and implement enhancements to the network security infrastructure to improve performance, scalability, reliability, and security posture. This includes addressing performance bottlenecks, scalability limitations, and service architecture administration issues.
• Design, install, configure, and maintain a wide range of network security services, equipment, and devices.
• Plan and support the evolution and expansion of the network security infrastructure to meet business demands and security requirements.
• Apply capacity planning configuration changes proactively to ensure the network security infrastructure can support business growth and peak demands.
• Proactively monitor the health and performance of the network security infrastructure, troubleshoot complex platform, OS, and connectivity issues, and implement effective solutions in a 24×7 mission-critical environment.
• Perform thorough launch testing for new software releases and the introduction of new security features to ensure stability and effectiveness.
• Develop and maintain clear, concise technical documentation and written procedures for identified issues, implemented solutions, and standard operational practices.
• Ensure adherence to security best practices and contribute to maintaining relevant compliance standards within the network security infrastructure.
• Provide timely and effective on-call support outside of business hours as required.
• Coordinate the procurement of network security equipment (physical and virtual), and manage the upgrading, monitoring, testing, and servicing of these systems.

Preferred Qualifications

• Proven experience participating in and ideally leading projects involving the implementation of new network security solutions and technologies.
• Solid experience with a range of network security products, including firewalls (e.g., Palo Alto Networks, Cisco ASA), intrusion detection/prevention systems (IDS/IPS), VPNs, and content filtering solutions.
• Strong foundational knowledge of networking principles and protocols, including TCP/IP, routing (e.g., BGP, OSPF), switching, and network segmentation.
• Excellent verbal and written communication skills, with the ability to articulate technical concepts clearly to both technical and non-technical audiences.
• Demonstrated working proficiency in scripting languages such as Python, Bash, or other relevant automation languages.
• Proven ability to manage multiple projects with varying priorities simultaneously and deliver results effectively.
• Strong working knowledge of Linux operating systems (e.g., RedHat, Ubuntu, Alma, Rocky Linux) in a server environment.
• Experience with infrastructure-as-code and automation tools such as Ansible, Terraform, or similar technologies.
• Understanding of web services, REST APIs, and their security implications.
• Hands-on experience with VMware ESXi and managing virtual security appliances.
• Self-motivated individual with strong research skills and a proven ability to collaborate effectively within a team environment.
• Experience integrating with and managing authentication services (LDAP, Microsoft AD, RADIUS, SAML, OAuth).
• CCNA Routing and Switching or other relevant networking certifications (e.g., CCNP Security).
• Familiarity with cloud security concepts and platforms (e.g., AWS, Azure, GCP).