Responsibilities:
• Provide L3 operational support for network security and endpoint security incidents, service requests, and change management.
• Monitor and manage security-focused tools, including firewalls, VPN gateways, web proxies, endpoint protection platforms, DDoS/WAF services, and MFA systems.
• Oversee Akamai CDN management and related security configurations.
• Execute security patching, device health checks, and configuration updates for security platforms.
• Assist in deployment and onboarding of security appliances and endpoint agents, adhering to security baselines and compliance standards.
• Perform triage and troubleshooting of security, authentication, access, malware, and threat-related incidents.
• Support secure remote access operations, including VPN provisioning, ZTNA processes, MFA troubleshooting, and access reviews.
• Implement and monitor DDoS protection, web filtering, endpoint security policies, SSL inspection, and threat protection rules.
• Follow procedures for secure file transfer, encryption, DLP controls, and audit-compliant partner onboarding.
• Participate in security-oriented maintenance, including firmware/security updates, rulebase reviews, and threat-driven tuning.
• Maintain documentation of security incidents, policy changes, device inventories, and endpoint configurations.
• Contribute to improving security operational processes, including recurring issue analysis and automation opportunities.
• Collaborate closely with SOC, Cybersecurity, IAM, and Infrastructure teams on cross-functional security issues.
• Ensure compliance with security policies, audit requirements, vulnerability remediation schedules, and secure configuration standards.
• Maintain up-to-date knowledge of security technologies, threat landscapes, and vendor best practices.
• Participate in knowledge sharing, operational readiness, and security service review meetings.
• Support backup restoration tests and disaster recovery drills related to security platforms.
• Escalate unresolved or high-impact security incidents according to defined escalation procedures.
• Lead L2 Network Security analysts and organize an on-call rotation for the team.
Requirements:
• Firewall & Network Security: Advanced expertise with Cisco, Palo Alto, Fortinet, Check Point, and IBM Vyatta firewalls, including policy design, HA, migrations, cleanup, and optimization.
• DDoS, WAF & CDN: Experience with DDoS mitigation, WAF rule tuning, and CDN management (e.g., Akamai), including incident response and bot management.
• VPN & Secure Remote Access: Strong knowledge of VPN gateways and secure remote access solutions (Ivanti, Cisco AnyConnect, ZTNA concepts).
• Web Proxy & Traffic Security: Proficiency in web proxy platforms (e.g., Zscaler ZIA), SSL inspection, DLP enforcement, and traffic steering.
• Endpoint Security: Deep experience with endpoint protection platforms (CrowdStrike, Trend Micro), threat hunting, incident response, and containment.
• Multi-Factor Authentication (MFA): Experience with MFA technologies (Cisco Duo), integration, policy design, logging, and reporting.
• Secure File Transfer & Encryption: Knowledge of secure file transfer solutions (e.g., MOVEit), encryption, DLP, auditing, and partner onboarding.
• Certificate Management: Expertise in TLS/cipher management, certificate pinning, and endpoint certificate lifecycle.
• SIEM & Observability: Integration of SIEM for security telemetry across endpoints, firewalls, proxies, and identity systems.
• Vulnerability & Compliance Management: Understanding of vulnerability management, patching, OS lifecycle risks, and compliance frameworks.
• Leadership & Mentoring: Proven ability to mentor L2 analysts in endpoint security, firewalls, VPN, and threat analysis; people management for Network Security L2 analysts.