Senior Network Security Engineer

The company is a leading provider of expertise and managed services across major public and private cloud technologies. Our unique Fanatical Support paradigm encompasses the entire customer journey, offering a Fanatical Experience™ from initial consultation through daily operations. Our dedicated experts combine proactive service with top-tier tools and automation to deliver technology tailored to our customers' needs.

We are seeking a highly skilled Senior Network Security Engineer with specialized expertise in firewall technologies, F5 application delivery controllers, and intrusion prevention/detection systems (IPS/IDS). In this role, you will be responsible for designing, implementing, and maintaining enterprise and cloud network security infrastructures to protect against evolving cyber threats. The ideal candidate will possess deep technical knowledge across multiple security platforms, strong incident response capabilities, and the ability to lead operations in critical environments to ensure network resiliency, compliance, and security.

Location: Riyadh, Saudi Arabia (On-site)
Work Conditions: Full-time, Permanent on-site

Responsibilities:

• Design, implement, and manage enterprise firewall infrastructure, including next-generation firewalls (NGFWs), VPN concentrators, and web application firewalls.
• Configure, optimize, and maintain F5 application delivery controllers, covering load balancing, SSL offloading, and application security modules.
• Deploy and manage intrusion prevention/detection systems (IPS/IDS) with proper tuning to minimize false positives while ensuring genuine threats are detected.
• Develop and implement comprehensive network security architectures using defense-in-depth strategies.
• Create and maintain security policies, rulesets, and access control lists across all security platforms.
• Conduct regular security audits, vulnerability assessments, and penetration tests to identify and remediate security gaps.
• Monitor security events and logs, responding appropriately to potential security incidents.
• Lead security incident investigations and responses, including root cause analysis and remediation planning.
• Establish security monitoring solutions and develop custom alerting for critical security events.
• Implement automation and orchestration for security processes to enhance efficiency and response times.
• Design and implement secure network segmentation strategies to contain potential breaches.
• Collaborate with compliance teams to ensure network security controls meet regulatory requirements.
• Evaluate emerging security technologies and recommend solutions for addressing evolving threats.
• Provide technical mentorship to junior security engineers and network administrators.
• Participate in after-hours on-call rotation for critical security incidents.

Requirements:

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• 8+ years of experience in network or security engineering roles.
• Minimum of 5+ years of hands-on experience with enterprise firewall platforms (Palo Alto, Fortinet, Cisco, etc.).
• Proven expertise with F5 BIG-IP platforms, including LTM and GTM modules.
• Extensive experience configuring and maintaining IPS/IDS systems (Cisco, Palo Alto, Snort, etc.).
• Strong understanding of network protocols, OSI model, and TCP/IP stack.
• Experience with micro-segmentation technologies.
• In-depth knowledge of common attack vectors and mitigation techniques.
• Current industry certifications (CISSP, CCNP Security, F5 Certified, etc.).
• Understanding of compliance frameworks (PCI DSS, HIPAA, SOX, ISO 27001, etc.).
• Experience with security in cloud environments.
• Strong analytical and problem-solving abilities.
• Excellent communication skills and ability to explain technical concepts to non-technical stakeholders.
• Ability to work effectively under pressure during security incidents.

Language Requirements: (Not specified, please confirm if required)

Preferred Skills:

• Experience with zero trust network architecture and implementation.
• Proficiency in scripting and automation for security operations (Python, Bash, etc.).
• Knowledge of SOAR (Security Orchestration, Automation and Response) platforms.
• Familiarity with container security and Kubernetes environments.
• Experience with secure SD-WAN implementations.
• Background in DevSecOps practices and tools.
• Knowledge of threat intelligence platforms and integration.
• Experience with DDoS mitigation techniques and services.
• Familiarity with NAC (Network Access Control) solutions.
• Understanding of PKI infrastructure and certificate management.
• Background in security architecture and framework development.