Firewall Network Engineer
Job Description
Role Overview
We are seeking a Network Security Engineer to support mission-critical network infrastructure within a highly secure defence/government environment.
This role focuses on operational stability, secure configuration management, incident response, and compliance adherence across on-premise infrastructure. The successful candidate will work within controlled environments subject to security audits, strict change governance, and regulatory requirements.
Key Responsibilities
Description of main tasks and responsibilities
Preventive Maintenance for Network & Security Equipment
Perform quarterly preventive maintenance (PM) for Network & Security Equipment
Update and submit checklist after PM
VAPT Support
Conduct vulnerability assessment using Nessus
Validate scan completion and analyse findings
Perform remediation planning and coordination
Security Hardening and Configuration Review
Remediation validation
Reporting & Documentation for VAPT
Quarterly Compliance Check
Conduct vulnerability assessment on the systems across all sites using Nessus
Perform remediation planning and coordination with Level 2 engineers
IM8 Governance Compliance
Ensure day-to-day operations comply with IM8 ICT Security Standards
Support security assessments with Authority
Maintain audit-ready documentation
Support IM8 policy enforcement, for example patching SLAs
Firewall Operations
Manage policies and troubleshoot traffic issues
Support IPS/Threats modules
Support log extraction
Perform firmware updates, patches, security fixes and vulnerability remediation
Maintain up-to-date configurations
Hardware Security Module
Monitor HSM health and readiness
Understand the HSM and be able to support cryptographic operations under strict governance and dual control
Review and maintain HSM logs
Manage HSM key management operations
Perform firmware updates, patches, security fixes and vulnerability remediation
SIEM Monitoring
Configure SIEM to show high severity events as alerts on the dashboard
Identify unusual patterns, anomalies, and suspicious events in the logs
Ensure all critical systems send security logs to the SIEM
Tuning and optimization of SIEM rules
Develop, maintain and optimize the dashboard for real-time display of alerts
Perform firmware updates, patches, security fixes and vulnerability remediation
Aruba ClearPass Monitoring
Manage and maintain ClearPass Access Control policies
Integrate Aruba ClearPass with network infrastructure
Maintain up-to-date configurations
Perform firmware updates, patches, security fixes and vulnerability remediation
Samsung Knox MDM
Onboard new devices into Samsung Knox
Configure and maintain MDM policies
Manage approved applications via Knox
Monitor device compliance dashboard
Manage deployment of certificates and rotation of certificates on the mobile devices
Maintain accurate records of mobile device lifecycle management
Perform application patches, security fixes and vulnerability remediation
Maintain up-to-date configurations
Incident & Problem Management
Resolve P1/P2 issues within SLA
Perform resolution and communications
Perform root cause analysis and recommend permanent fixes
Escalate unresolved issues that require software coding to Level 3 or engineering teams
Ensure proper closure of incidents and problems
Change Management
Perform operational impact assessment
Present changes to the Change Advisory Board
Pre-change preparation, such as reviewing the Change Request and Release Plan
Documentation update in the knowledge base
Post change review and feedback
Patch Management
Perform patch management readiness
Stakeholder coordination and team coordination
System Readiness and Post-Patch Validation
Documentation update and knowledge transfer
Compliance and audit readiness
Documentation and Compliance
Operational documentation: SOPs, incident response checklist, RCA, PIR, monitoring and alert guidebook
Configuration & Infrastructure Documentation: system configuration baseline, application dependency maps, environment inventories such as hosts, services, accounts
Knowledge Base Articles for Level 2 enablement and faster resolution, e.g. Known Errors and Fixes, Frequent How-To Guides, Script Repositories, Lessons Learned
Maintain application documentation
Knowledge Management
Configuration Management
Perform validation and accuracy of configurations
Maintain readiness of operational documentation
Perform audit to confirm compliance of configurations
CMDB asset verification
Change-linked configuration tracking
Ensure environment consistency between DEV, IVVQ, ISO-PROD, UAT and PROD
Testing and Verification
Ensure operational readiness testing before production deployment rollout
Ensure post-change verification coordination
Perform regression and sanity tests following patching or upgrades, in UAT and PROD
Participation in user acceptance testing
Knowledge Management
Documentation of resolution
Knowledge Base Contribution
Validation of knowledge
Subject Matter Expertise Sharing
Root Cause Analysis
Gather logs, system metrics at the time of failure
Reproduction of issues in a controlled environment to understand the conditions under which it occurs
Determine the scope and severity in terms of the systems affected, downtime duration and business impact
Narrow down the possible sources of the failure
Use of diagnostic tools to analyse the application behaviour
Correlation of events to sequence the chain of events leading up to the failure and identify the dependencies
Work Schedule
Rotational on-call duty support is required
Must be available for change request deployment during graveyard hours as scheduled