What you will be working on: 

As a Production Security Engineer – Network Filtering, you will be part of an operational security (ProdSec) environment responsible for protecting critical production systems, data, and operations against internal and external cyber threats. 

You will contribute to the implementation, operation, and continuous improvement of network filtering solutions (Firewall, WAF, Proxy, DDoS protection) within a complex enterprise environment. You will work closely with security teams, production support, architects, ITRM, and project teams, while also collaborating with vendors and group-level security functions to ensure compliance with security policies and best practices. 

What you will do:        

• Implement firewall and network flow rules across filtering platforms (FW, WAF, Proxy, Router), based on validated requests using tools such as Tufin or DSO. 

• Ensure correct deployment and enforcement of Group and local security policies on filtering devices under your responsibility. 

• Act as a security partner for projects and ITRM teams, supporting the implementation of network and application flows. 

• Perform technical investigations to resolve incidents, traffic blockages, or security-related issues. 

• Operate and maintain network filtering solutions, ensuring continuous monitoring and incident management. 

• Configure and maintain security filtering tools, ensuring performance, availability, and compliance. 

• Manage upgrades, version changes, and lifecycle evolution of filtering platforms. 

• Analyze and remediate functional or technical issues reported by users or monitoring systems. 

• Ensure application access, logging, monitoring, and maintainability for security solutions. 

• Contribute to continuous improvement initiatives by proposing security best practices and automation opportunities. 

• Act as a technical point of contact for vendors and solution providers related to filtering technologies. 

• Formalize and maintain operational procedures governing security filtering processes. 

• Ensure achievement of operational KPIs such as availability, incident resolution times, and compliance objectives. 

Requirements: 

• Strong experience in operational security, network filtering, or production security environments. 

• Hands-on experience with firewall technologies such as Check Point, Fortinet, and Palo Alto. 

• Experience managing WAF solutions (e.g. F5 AWAF, F5 ASM, Akamai). 

• Experience with proxy solutions such as McAfee Web Gateway. 

• Solid understanding of network security concepts, traffic filtering, and micro-segmentation (e.g. Illumio). 

• Experience troubleshooting and resolving production and security incidents. 

• Familiarity with incident lifecycle management using ServiceNow. 

• Knowledge of security frameworks and standards such as NIST, CIS, and ISO 27001. 

• Experience working in Linux, Windows, and Cloud environments. 

• Good understanding of Agile methodologies (Scrum, Kanban) and DevOps principles. 

• Strong analytical, troubleshooting, and problem-solving skills. 

• Ability to collaborate effectively with cross-functional technical and security teams. 

• Fluency in French and good command of English, written and spoken. 

Nice to have: 

• Security or network certifications such as Cisco CCNP / CCIE or F5 certifications. 

• Experience with large-scale network environments (clusters and standalone devices). 

• Experience with packet analysis and traffic inspection tools such as Wireshark. 

• Experience working with DDoS protection solutions. 

• Exposure to security audits, risk analysis, or compliance-driven projects. 

• • Experience contributing to automation initiatives in security operations. 

The job requires office presence, 2 days/week in Bucharest.

Salary range 8000-10000 RON Net. For B2B collaboration the range is 23-25 Eur/h.