Senior Network Security Engineer

Transguard Workforce Solutions is the UAE’s leading provider of unique and innovative HR solutions. With a decade of experience in the region and a team that possesses extensive knowledge of the market, we provide a fully integrated HR solution.

We are currently recruiting for an Senior Network & Security Engineer for our client to be based out of their Abu Dhabi office.

Job Purpose:

We seek a Senior Network Engineer to design, implement, and operate enterprise networks across on‑prem, branch, and Azure. The role owns complex incidents and escalations, plans changes, and drives reliability, performance, and security improvements.

Key Responsibilities:

• Operate Cisco wired/wireless: VLANs, trunking, STP, OSPF/BGP, HSRP/VRRP, QoS, HA; plan capacity and performance.
• Administer Palo Alto & FortiGate firewalls: policy/NAT, VPN (IPsec/SSL), rule hygiene; coordinate IPS/SSL inspection where allowed.
• Configure F5 LTM/WAF: virtual servers, pools/monitors, SSL offload, persistence; basic iRules for redirects/rewrite.
• Own Azure networking: VNets/subnets, NSGs/ASGs, UDRs, VPN Gateway, ExpressRoute; App Gateway (WAF) and Azure Load Balancer.
• Implement NAC (FortiNAC or equivalent): 802.1X, posture, guest; ensure Wi‑Fi & endpoints remain compliant.
• Support Cisco IPT/Collaboration (CUCM) for voice features and dial‑plan changes.
• Operate core services: DNS/DHCP/IPAM, NTP; coordinate PKI/certificates for network services.
• Monitoring & reporting: ManageEngine OpManager/SolarWinds/Zabbix for availability/performance; automated config backups; monthly KPIs.
• Incident/Problem/Change (ITIL): drive RCA with corrective actions; maintain HLD/LLD/runbooks; ensure rollback plans.
• Lifecycle management: hardware refresh, OS/firmware patching, license/contract tracking, vendor RMAs and escalations.
• ISP/carrier coordination for Internet/MPLS/SD‑WAN; site surveys and branch cutovers.
• Participate in DR drills; validate failover/fallback; improve runbooks and procedures.

Qualifications:

• 2-4 years in network engineering/operations with enterprise LAN/WAN/WLAN and perimeter security ownership.
• Strong fundamentals: TCP/IP, VLANs, STP, routing (OSPF/BGP/EIGRP), MPLS/SD‑WAN, QoS, DNS/DHCP/IPAM, VPNs (IPsec/SSL).
• Platforms: Cisco Enterprise networking & wireless, Palo Alto & FortiGate, F5 LTM/WAF, FortiNAC, Fortinet SASE/ZTNA, FortiAuthenticator, RSA MFA, Pulse Secure (Ivanti).
• Azure: VNets, NSGs, UDRs, VPN/ExpressRoute; App Gateway (WAF), Azure Load Balancer; cloud monitoring/cost & performance awareness.
• Monitoring/Automation: OpManager (preferred) and/or SolarWinds/Zabbix; Syslog/NetFlow; scripting (Python/PowerShell) is a plus.
• Process & compliance: ITIL (Change/Incident/Problem); documentation discipline; ISO 27001/NIST familiarity.
• Certifications: CCNP (or equivalent) strongly preferred; CCNA required; ITIL Foundation; plus any of PCNSE, Fortinet NSE 4/5/6, F5 201/301.