Jobs · Information Technology · Colorado

Senior Network Security Engineer

Evolution Cloud Services (EVOCS) · Denver, CO · Yesterday
Information Technology$75–$90/hrFull-time

Position Summary

We are seeking an experienced Senior Network Security Engineer with deep, hands-on expertise in Fortinet technologies and multi-region network security architecture.

Key Responsibilities

  • Design, deploy, and manage enterprise-grade Fortinet firewall infrastructure (FortiGate) across multiple geographic regions, ensuring standardized policy frameworks and localized compliance where required
  • Administer FortiManager for centralized policy management, device provisioning, and configuration consistency across all regional firewall deployments
  • Operate and maintain FortiAnalyzer for log aggregation, threat correlation, security event analysis, and compliance reporting across the global environment
  • Architect and implement Fortinet Security Fabric integrations including FortiSIEM, FortiEDR, FortiNAC, and FortiSandbox to deliver cohesive, end-to-end threat detection and response capabilities
  • Develop and manage SD-WAN solutions using Fortinet SD-WAN, optimizing performance, resilience, and security for multi-site connectivity
  • Lead the planning and execution of multi-region firewall migrations, upgrades, and new site deployments with minimal business disruption
  • Conduct regular firewall audits and rule-base reviews to identify and remediate policy bloat, misconfiguration, and unnecessary exposure
  • Partner with network, cloud, and security operations teams to integrate perimeter security controls with cloud-native security services (AWS, Azure, GCP) and zero trust architecture initiatives
  • Develop and maintain network security documentation including architecture diagrams, standard operating procedures, runbooks, and change management records
  • Participate in security incident response activities, including firewall log analysis, traffic forensics, containment actions, and post-incident remediation
  • Monitor network security posture through threat intelligence feeds, vulnerability assessments, and proactive tuning of IPS/IDS, web filtering, and antivirus profiles
  • Collaborate with compliance and risk teams to ensure firewall configurations meet regulatory requirements (e.g., PCI-DSS, HIPAA, SOC 2, ISO 27001)
  • Evaluate and recommend new Fortinet capabilities, firmware releases, and adjacent technologies to strengthen the organization's security posture

Required Qualifications

  • 7+ years of enterprise network security engineering experience, including 4+ years of hands-on Fortinet firewall administration and architecture
  • Deep expertise in FortiGate firewall configuration, policy management, HA clustering, and multi-VDOM environments
  • Proven experience managing Fortinet deployments across multiple geographic regions or data centers with FortiManager centralized management
  • Solid understanding of networking fundamentals: BGP, OSPF, VLAN, VPN (IPSec/SSL), QoS, and routing protocols in a multi-site environment
  • Experience designing and implementing Fortinet SD-WAN solutions for enterprise multi-site connectivity
  • Familiarity with zero trust network access (ZTNA) principles and implementation within the Fortinet Security Fabric
  • Experience integrating firewall environments with cloud platforms (AWS, Azure, or GCP), including FortiGate-VM and cloud-native security group management
  • Strong understanding of network security frameworks, threat modeling, and defense-in-depth architecture
  • Experience supporting compliance and audit activities related to firewall configuration (PCI-DSS, SOC 2, HIPAA, or similar)
  • Fortinet NSE 4 certification (minimum); NSE 5, NSE 6, or NSE 7 strongly preferred
  • Excellent documentation, communication, and cross-functional collaboration skills

Preferred Qualifications

  • Fortinet NSE 7 — Enterprise Firewall, SD-WAN, or Network Security Architect certifications
  • Experience with Fortinet Security Operations Center (SOC) tools including FortiSIEM and FortiSOAR
  • Background supporting global template or network standardization programs across diverse regional environments
  • Experience with network automation and infrastructure-as-code tooling (Ansible, Terraform, Python scripting for Fortinet APIs)
  • Familiarity with SASE architecture and cloud-delivered security services
  • Additional vendor certifications (CCNP Security, Palo Alto PCNSE, or equivalent) demonstrating broad network security breadth
  • Experience in regulated industries (financial services, healthcare, manufacturing) with associated compliance obligations
  • Background in incident response and threat hunting using network traffic analysis and firewall telemetry

Similar jobs