A fragmented perimeter, rising traffic and a multi-vendor firewall estate are creating recurring incidents that slow down delivery. A Network Security Engineer with deep firewall expertise and Ansible automation skills will drive consolidation, cut approval time and turn incident response measured in hours into minutes.
The Mission
You will join a 12-strong network and security team responsible for a national-scale corporate estate that spans an MPLS backbone, Express Route links to cloud providers, and multiple public-facing services. The current programme is focused on reducing the rule footprint across firewalls and WAFs, securing VPN access, and integrating cloud access controls like Netskope to tighten lateral movement.
In this senior network security engineer role you will own firewall rule lifecycle and Algosec firewall rule management, define resilient IP routing and load balancing topologies, and build firewall automation with Ansible to speed safe changes. Your work will directly reduce incident recurrence through problem management, improve telemetry via syslog pipelines, and simplify access for 10k+ users and critical business services.
Your Responsibilities
- Design and implement multi-vendor firewall and WAF architectures that reduce rule complexity and enforce least privilege.
- Lead Algosec-based firewall reviews and implement automated change workflows with Ansible to shorten change windows and minimise risk.
- Define secure IP routing, MPLS and Express Route topologies and resilient load balancing to ensure predictable traffic flows.
- Own VPN IPSEC and VPN SSL deployments, proxy integrations and WiFi security to deliver consistent remote and cloud access.
- Automate telemetry and logging, forward syslog to monitoring stacks and produce runbooks that reduce mean time to repair.
- Drive problem management and perform root cause analysis to eliminate recurring incidents and document durable fixes.
Your Profile
Essential Skills
- Proven capability managing stateful firewall platforms and WAFs, including rule optimisation and cross-vendor coordination (Algosec experience a plus).
- Hands-on experience with VPN IPSEC and VPN SSL architecture, troubleshooting and performance tuning.
- Strong understanding of IP routing, MPLS, Express Route, switching and load balancing in high-availability environments.
- Practical automation skills using Ansible and scripting (Python, Bash) to standardise deployments and run automated tests.
- Experience integrating cloud access controls such as Netskope, and deploying forward and reverse proxy solutions.
- Working knowledge of Active Directory for network authentication and access control integrations.
- Comfortable with syslog collection, parsing and feeding monitoring and incident platforms.
- Experience with WiFi security design and operational support, and a track record in problem management and incident response.
Languages
- French: C1 (one of French or Dutch should be C1)
- Dutch: C1 (one of Dutch or French should be C1)
- English: B2