Employer Overview
A national-scale private cloud platform provides secure, integrated IT services across multiple subsidiaries. The platform delivers multi-tenant, high-availability environments with advanced network and application security, supporting compliance, Zero Trust access, and secure workload hosting across hybrid infrastructures.
Job Summary
The Security Infrastructure Engineer is responsible for designing, implementing, and operating the security infrastructure of the private cloud platform. The role ensures secure network and application access, tenant-level segmentation, and Zero Trust principles, while maintaining high availability and compliance across multi-site environments.
Key Responsibilities
- Design and operate Fortinet security platforms (NGFW, WAF, ADC, NAC, FortiAuthenticator, Sandbox)
- Implement and manage tenant-level security segmentation and firewall policies
- Integrate Zero Trust access solutions (e.g., AppGate or equivalent)
- Manage north-south and east-west traffic inspection and security policies
- Support secure application publishing and WAF protection
- Collaborate with SOC teams for incident response and threat mitigation
- Ensure compliance with security policies and regulatory requirements
- Support disaster recovery and high availability for security infrastructure
- Optimize security performance and scalability across multi-tenant environments
Requirements
- Bachelor's degree in Cybersecurity, Networks, Computer Engineering, or related field (preferred)
- 610 years in network and infrastructure security
- Hands-on experience with enterprise security platforms in large-scale environments
- Proven experience with TCP/IP, routing, and network security principles
- Familiarity with SIEM integration and incident response coordination
- Strong analytical and problem-solving abilities
- Excellent communication and collaboration skills
- Detail-oriented with proactive security mindset
- Ability to work independently and in cross-functional teams
- Fortinet ecosystem: FortiGate, FortiWeb, FortiADC, FortiNAC, FortiAuthenticator, FortiSandbox
- Firewall policy design and tenant-level network segmentation
- Zero Trust architecture and secure remote access
- DDoS protection and traffic filtering
- Application security and WAF management
- Integration with SIEM and SOC platforms
- Proficiency with security management, monitoring, and orchestration tools
- Familiarity with hybrid and multi-site cloud environments
- Fluency in English (written and spoken)
- Ability to maintain 24x7 security infrastructure availability
- Capacity to implement secure access and segmentation across multi-tenant environments
- Capability to support DR and high-availability operations
- Ability to optimize security performance and enforce compliance policies
- Fortinet NSE4 / NSE7 / NSE8
- CISSP or equivalent security certification
- CCNP Security or equivalent
