Network Security Specialist
Candescent · Atlanta, GA · 2 wk ago
Information TechnologyFull-time
Key Responsibilities and Deliverables
- Define and execute Candescent’s network security strategy aligned to business objectives, risk posture, and Zero Trust principles.
- Serve as the subject-matter expert for network security architecture, providing guidance to leadership, engineering, infrastructure, and product teams.
- Evaluate emerging technologies and regulatory requirements, ensuring Candescent’s network defenses remain current and aligned with leading practices.
- Architect, implement, and maintain network security technologies across cloud, data center, and branch environments—including NGFW, segmentation, VPN/ZTNA, DNS security, WAF, and DDoS protection.
- Oversee firewall policy lifecycle management, ensuring consistent, scalable, and auditable deployment of rules and objects.
- Lead secure connectivity initiatives supporting cloud adoption, SD-WAN evolution, Zero Trust access patterns, and encrypted traffic inspection capabilities.
- Partner with DevOps/Platform teams to integrate network security into CI/CD pipelines, automation frameworks, and infrastructure provisioning.
- Ensure resiliency through documented recovery procedures, redundancy planning, and continuous performance tuning.
Governance, Compliance & Assurance
- Maintain alignment with PCI, SOC 2, GLBA, and internal security standards.
- Develop and maintain documentation including network security standards, runbooks, diagrams, and technical reference architectures.
- Support internal/external audits and risk assessments, providing evidence and remediation plans as required.
Team Leadership & Cross-Functional Collaboration
- Lead, mentor, and develop a high-performing team of network security engineers.
- Oversee workload planning, technical decision-making, and escalations for incidents and complex engineering challenges.
- Foster strong partnerships with Infrastructure, Cloud Engineering, Security Operations, Application Security, and Product teams.
- Champion a culture of secure-by-design engineering and continuous improvement.
Qualifications And Experience
- 8+ years of experience in network security engineering, with at least 3 years in a lead or senior technical role.
- Hands-on expertise with enterprise-grade firewall platforms, secure network architecture, segmentation, and threat prevention services.
- Strong experience securing hybrid architectures (cloud, data center, branch) and implementing ZTNA or Zero Trust-aligned controls.
- Advanced understanding of TCP/IP, routing, VPN technologies, DNS security, and encrypted traffic inspection.
- Experience with infrastructure-as-code practices (Terraform, CloudFormation), network automation, and CI/CD integration.
- Strong analytical, communication, and incident leadership skills.
Preferred Distinctions
- Experience in financial services or other regulated industries.
- Certifications such as CISSP, CCSP, PCNSE, NSE7, AWS/Azure/GCP architectures, or equivalent.
- Familiarity with container networking, service mesh architectures, and secure API connectivity.