Network Security Engineer

Job Title: Network Security Engineer

Location: Shimla

Experience: 5 Years (STRICTLY)

Employment Type: Permanent

Notice Period: Immediate Joiners Only

About the Company

Our client is a trusted global innovator of IT and business services, present in 50+ countries. They specialize in digital & IT modernization, consulting, managed services, and industry-specific solutions. With a commitment to long-term success, they empower clients and society to move confidently into the digital future.

Job Description

Overview of the Role

The ideal candidate will be responsible for implementing, configuring, and managing advanced security technologies to safeguard against sophisticated threats. This role requires hands-on experience with next-generation security solutions and a proactive approach to ensuring high availability, performance, and secure access across both internal and external networks.

Roles and Responsibilities

- Manage secure and redundant routing and switching infrastructure to ensure 24x7 availability of critical services. - Implement network segmentation to enhance security, improve performance, and isolate faults across departments. - Ensure VPN connectivity (IPSec/SSL) for remote offices and departments in line with security policy frameworks. - Deploy, configure, and maintain Next Generation Firewalls (NGFWs) for traffic inspection, threat prevention, and application control. - Operate Anti-DDoS solutions to counter volumetric and protocol-based attacks. - Enforce Web Application Firewall (WAF) protections for public-facing applications and servers. - Utilize Anti-APT solutions to detect, analyze, and contain advanced persistent threats. - Administer Software and Link Load Balancers to ensure service uptime and bandwidth optimization across multiple ISP connections. - Design and maintain high-availability security architectures for critical enterprise applications. - Deploy and manage Endpoint Security tools including antivirus, device control, and policy enforcement for desktops, laptops, and servers. - Monitor and control sensitive data using Data Loss Prevention (DLP) tools aligned with organizational data classification guidelines. - Integrate and operate EDR/XDR solutions for continuous endpoint monitoring and incident response. - Implement malware protection tools for both end-user and server environments. - Enforce Access Control Policies including role-based access, least privilege, and scheduled access reviews. - Implement data encryption standards and manage secure key handling and PKI-based authentication mechanisms. - Operate Intrusion Detection/Prevention Systems (IDS/IPS) to identify and mitigate malicious traffic. - Analyze logs and security events using SIEM tools to uncover policy violations and emerging threats. - Lead incident response efforts in coordination with CERT-In, Third Party Auditors (TPA), and MeitY in case of security breaches.

Desired Skills/Background

- Certifications: CCNP Security, Fortinet NSE, or JNCIS-SEC (mandatory). - Strong grasp of network and cybersecurity principles, standards, and best practices. - Hands-on experience with firewalls, VPNs, IDS/IPS, load balancers, DLP, SIEM, EDR/XDR, and endpoint protection technologies. - Excellent analytical, problem-solving, and troubleshooting capabilities. - Ability to manage complex, high-availability security architectures in enterprise-scale environments. - Proven experience in incident handling, root cause analysis, and working with regulatory bodies and third parties.