A large public-sector transport operator is strengthening its network security posture and automating policy management across on-prem and cloud environments. This senior role focuses on firewall policy lifecycle and automation using Algosec and Ansible, and on securing Azure cloud connectivity including ExpressRoute links. The team manages perimeter devices, VPNs, WAFs and WiFi at operational scale and expects an engineer who can both implement and transfer knowledge to the internal network team.
The mission
The team operates a mixed on-premise and Azure network that connects corporate sites, data centres and cloud services, serving thousands of internal users and critical operational systems. Current work includes centralising firewall policy management with Algosec, automating deployments with Ansible, and standardising cloud connectivity via Azure ExpressRoute. Security controls in scope include firewalls, proxy services, VPN, WAF, Netskope for cloud access, MPLS and load balancing.
Day to day you will design and implement network security configurations, author automation playbooks and runbooks, and lead incident troubleshooting for complex routing and security issues. You will coach and mentor the internal network team, own problem and change tickets, and contribute to project delivery for migrations and upgrades scheduled across the next 12 to 18 months.
Your responsibilities
- Design and deliver firewall and network security configurations that reduce exposure and simplify policy management across on-prem and Azure environments
- Automate repetitive policy and device tasks using Ansible and Algosec playbooks to shorten change lead time and reduce human error
- Investigate and resolve high-impact incidents, using WireShark and advanced IP routing knowledge to restore services and prevent recurrence
- Lead technical aspects of projects such as ExpressRoute setups, VPN and MPLS integrations, and WAF and proxy deployments
- Coach internal network engineers, review operational runbooks and improve change and problem management processes
- Produce clear technical documentation and NIS2-aligned procedures for security audits and compliance reviews
Your profile
Essential skills
- Senior-level experience, typically 5+ years, in network security engineering and operational support
- Proven experience with Algosec for policy auditing and lifecycle management
- Strong automation and scripting capability using Ansible and common scripting languages to create and maintain playbooks
- Hands-on experience with Azure networking, including ExpressRoute, VPNs and cloud access controls
- Deep knowledge of firewall technologies, proxy (forward and reverse), WAF, VPN, load balancing, MPLS, switching and IP routing
- Operational experience with Netskope or similar CASB solutions and with WiFi network security
- Practical troubleshooting skills with WireShark and structured problem management, plus project management experience for medium-sized technical projects
- Clear communication skills to explain technical decisions to non-technical stakeholders and to coach team members
Languages
- French: C1-C2
- Dutch: C1-C2
- English: B2
Education
- Bachelor degree in Computer Science, Network Engineering, Telecommunications or equivalent professional experience