Network Security Engineer

Everus is a leading specialty contractor in the nation, dedicated to providing exceptional opportunities for its employees. The Network Security Engineer will manage the daily operations and security of the enterprise network, ensuring secure access for users and applications, and continuously enhancing the network security environment.

Responsibilities:

• Administer and operate enterprise SASE capabilities, including cloud-delivered firewall, secure web access, identity-based access, and data protection controls
• Design and enforce Zero Trust, policy-based access controls using identity, device posture, network context, and risk signals
• Architect and support secure access for users, applications, third parties, and cloud workloads regardless of location
• Design, deploy, and manage firewall policies and traffic inspection for inbound, outbound, and east-west network traffic
• Maintain network segmentation strategies to reduce attack surface and prevent lateral movement across enterprise, cloud, and OT environments
• Support secure connectivity models (user-to-app, site-to-site, application-level access) and transition from VPN to cloud-delivered access
• Manage DNS security, web filtering, TLS inspection, and outbound traffic controls to protect enterprise network activity
• Monitor, integrate, and tune SASE and network telemetry with centralized security operations to improve detection and reduce false positives
• Troubleshoot complex network and security issues (routing, DNS, TLS, IPsec, identity) and analyze logs/packet captures for resolution
• Support governance activities including M&A integration, risk assessments, incident response, documentation, audits, and vendor security reviews
• Support mergers and acquisitions by assessing, integrating, and standardizing network security and secure access architectures
• Performs other tasks and special projects as assigned

Requirements:

• Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field, or equivalent practical experience
• Four years experience in enterprise network security, network engineering, or secure access roles
• Strong understanding of Secure Access Service Edge (SASE) and cloud-delivered network security architectures
• Advanced experience administering firewall, access control, traffic inspection, and segmentation policies in a production enterprise environment
• Strong understanding of enterprise networking fundamentals, including TCP/IP, routing, DNS, TLS, IPsec, and traffic flow analysis
• Solid grasp of Zero Trust principles, least-privilege access models, and identity-aware networking
• Experience designing, implementing, or supporting network segmentation strategies to reduce risk and prevent lateral movement
• Ability to assess network-related risk and translate business and operational requirements into secure access and network designs
• Experience integrating network security controls with enterprise identity, authentication, and directory services
• Proven ability to analyze logs and packet captures to diagnose complex access or connectivity issues
• Strong written communication skills with experience producing security documentation, standards, and change records
• Ability to work calmly and methodically during outages or security incidents
• Ability to collaborate effectively across infrastructure, identity, operations, and business teams
• Ability to maintain confidentiality and handle sensitive information appropriately
• Industry certifications such as Security+, CCNP Security, CISSP, or relevant GIAC certifications
• Experience supporting operational technology (OT/ICS), construction, utilities, or manufacturing environments
• Experience integrating networks and secure access technologies during mergers and acquisitions
• Familiarity with cloud platforms, identity services, endpoint management, and modern remote access models
• Experience working in a publicly traded or SOX-regulated environment