Conexess – Conexess Design Skip to main content

Network Security Engineer

Job Title
Network Security Engineer
Job ID
Dearborn,  MI
Other Location

Network Security Engineer

This role has primary responsibility for network infrastructure security operations, including design, implementation, analysis and support. This role will be responsible for new and existing network security components, including firewalls, VPN concentrators, IDS/IPS appliances, remote network access, and associated management platforms. Additional responsibilities in partnership with the CyberSecurity team include validation and enforcement of network security standards, audit & compliance support, and incident response.

Representative Responsibilities


  • Full life cycle support and administration of the organization’s network security appliances, both physical and virtual, including but not exclusive to firewalls, VPN concentrators, & IPS/IDS appliances.
  • Execution, validation and enforcement of the organization’s Network Security and CyberSecurity policies in the form of firewall policy configurations, VPN creation, network access administration, and review of network device configurations such as routers, switches and wireless infrastructure
  • Assist in the design and implementation of I.T. projects from network security perspective
  • Cooperate with Cybersecurity team during audits, compliance activities and incident response
  • Participate in and potentially lead cross functional teams driving the development of solutions in support of new business and application expansion
  • Develop and generate conceptual, logical, and physical network security architectures, resulting documents and drawings, testing analyses, test plans, and risk assessments to ensure sound architecture
  • Evaluate cost analysis and vendor comparisons for large scale projects to ensure cost-effective and efficient operations, and measures feasibility of various approaches
  • Assist with the planning, design, and implementation of new Information Technology initiatives, working and collaborating with customers, vendors, and VARs to define requirements using clients BRD process, create RFI/RFPs, manage projects and communicate project status on the entire life-cycle of the project
  • Perform third level trouble-shooting and diagnosis for service restoration on all components within the infrastructure, including but not limited to VPNs, firewalls, IDS/IPS, and other network infrastructure
  • Maintain detailed documentation of systems, application configurations, and user profiles
  • Create task and procedure documentation, as well as communicate timely status on all relevant project information to appropriate personnel via incident tracking and project server (logging tasks and keeping all relevant information up-to-date)
  • Analyze problems and look for trends, always keeping management informed of problem areas


Entry Requirements

  • Bachelor’s degree in Computer Science, MIS, IT or another technical computing field, or equivalent work experience, is required.
  • 5+ years of professional experience in a related field
  • Professional level of industry certification or higher, such as Cisco Certified Network Professional (CCNP) or Cisco Certified Design Professional (CCDP)
  • Working knowledge and experience with TCP/IP networks from Layer 2 through Layer 7, from IP addressing and naming (DHCP, DNS, WINS, subnetting, VLAN) through security, along with related software tools for monitoring and management; Strong troubleshooting and technical diagnostic skills; Clearly isolates and defines problems, and takes steps to resolve them before they become larger and more critical; Makes quick, realistic, practical decisions in urgent situations
  • Extensive experience with Cisco ASA and next-gen firewalls and firewall configuration; understanding and familiarity with IPS devices and policy implementation; and Cisco Firepower administration experience
  • Experience with VPN and remote access configuration and support
  • Experience with Skybox Firewall Assurance or other firewall audit tools preferred
  • Experience with Cisco Prime, Solarwinds Orion, or other network management tools preferred
  • Network troubleshooting experience which includes packet trace and Sniffer analysis as well as router & switch security configuration analysis (ssh, SNMPv3, access control lists, TACACS/RADIUS, etc).
  • Experience with wireless network security standards and configuration
  • Configuration and troubleshooting experience in a LAN/WAN environment with Cisco routers, switches, and firewalls preferred
  • Understanding of Internet routing, defense in depth, DMZ design and zero-trust networking
  • Security experience as it applies to compliance, protection of assets, and company security
  • Excellent verbal and written communication skills, including the ability to deliver presentations and convey technical and design strategies to different audiences
  • Strong people and communication skills with the ability to deal with stressful situations involving equipment and application failures in a composed and constructive manner
  • Ability to take direction from more than one person and handle a variety of tasks at one time
  • Dependable, accessible after hours in the event of a system failure, work as needed to maintain equipment in off-hours
  • Able to collaborate and comfortable working remotely with team-members and leaders


Option 1: Create a New Profile