CDW is seeking a Network Security Engineer to work remotely. The role involves designing and maintaining enterprise network architecture, managing secure connectivity solutions, and ensuring compliance with relevant security frameworks.
Responsibilities:
- Design, implement, and maintain enterprise network architecture spanning on-prem data centers and cloud environments (AWS and Azure)
- Architect and manage secure connectivity solutions including VPNs, Direct Connect/ExpressRoute, SD-WAN, and hybrid cloud networking
- Configure and maintain Cisco networking infrastructure (routers, switches, firewalls, ASA/Firepower, ISE, etc.)
- Design and enforce network segmentation, Zero Trust architecture, and least-privilege access models
- Manage cloud-native security controls: AWS (VPC, Security Groups, NACLs, Transit Gateway, WAF, GuardDuty) and Azure (VNets, NSGs, Azure Firewall, Azure WAF/Front Door WAF, Sentinel, Azure AD/Entra ID)
- Design, deploy, and tune Web Application Firewall (WAF) policies across cloud and on-prem environments to protect against OWASP Top 10 threats, bot traffic, and DDoS attacks
- Monitor network traffic and security events; respond to incidents and lead root-cause analysis
- Evaluate and implement IDS/IPS, NGFW, and SIEM integrations
- Collaborate with DevOps/Platform teams to secure CI/CD pipelines and infrastructure-as-code (Terraform/CloudFormation)
- Ensure compliance with relevant frameworks (SOC 2, ISO 27001, NIST, HIPAA, PCI-DSS as applicable)
Requirements:
- Experience in network engineering with a strong security focus
- Cisco technologies (routing/switching, ASA/Firepower, ISE, SD-WAN)
- Strong working knowledge of AWS networking and security services (VPC, Transit Gateway, Security Groups, IAM, GuardDuty, WAF)
- Strong working knowledge of Azure networking and security services (VNets, NSGs, Azure Firewall, Azure AD/Entra ID, Sentinel)
- Solid understanding of network protocols (BGP, OSPF, VLANs, VXLAN) and security protocols (IPsec, TLS, 802.1X)
- Experience with firewall management, IDS/IPS, and network segmentation strategies
- Hands-on experience configuring and managing Web Application Firewalls (WAF) (e.g., AWS WAF, Azure WAF/Front Door, Cisco/F5, or Cloudflare) including rule tuning and threat mitigation
- Familiarity with Zero Trust Network Architecture (ZTNA) principles
- CCNP/CCIE Security
- AWS Certified Advanced Networking/Security
- Azure Network Engineer Associate
- CISSP
- Experience with SIEM tools (Splunk, Microsoft Sentinel, or similar)
- Experience with container/Kubernetes networking and security
- Network security: 7 years
- WAF: 5 years
- AWS: 3 years
- Azure: 3 years