Lead Network Security Engineer

Lead Network Security Engineer - 100% remote (EST Hours)

Optomi, in partnership with a client that specializes in the IT space, offering infrastructure and cybersecurity solutions, is looking to add a Lead Network Security Engineering Consultant to their team! The Cybersecurity Network Engineer willl come with extensive, hands-on experience and possess deep technical mastery of the entire Cisco suite, Cisco security ecosystems and the ability to apply fundamental cybersecurity principles to solve complex client challenges. They must also be skilled with either Palo Alto OR Fortinet.

This is a high-impact, client-facing engineering role responsible for the end-to-end design, deployment, and optimization of the complete Cisco product stacks in addition to having projects that will touch Palo Alto & Fortinet. You will serve as the trusted technical authority for our clients, translating strategic business and security requirements into robust, scalable, and operationally mature solutions. Success requires a blend of hands-on technical skill, deep product knowledge, and a solid foundation in core cybersecurity concepts (e.g., CIA Triad, Zero Trust, MITRE ATT&CK, Network, Cloud, IAM, GRC, Application Security). Having a wide breadth of security experience is ideal.

The ideal candidate for this role has come from an IT Solutions, IT Services and/or consulting company working on various cybersecurity and networking projects spanning across different products/vendors. SASE & Zero Trust Solutions experience is a must.

Responsibilities:

• Product Expertise: Depending on the project, will serve as the Subject Matter Expert for Cisco and perhaps Palo Alto Networks/Fortinet product stacks, leading implementation, optimization, and troubleshooting engagements.
• If you come with Palo Alto Networks expertise: Deep experience with NGFWs (PAN-OS), Panorama, Prisma Access (SASE/ZTNA), Prisma Cloud (CSPM/CIEM), and Cortex XDR/XSOAR.If expIf
• If you come with Fortinet expertise: Deep experience with FortiGate NGFWs (FortiOS), FortiManager, FortiAnalyzer, FortiEDR, FortiSASE, and other elements of the Fortinet Security Fabric.

Interested in remote work opportunities in Cyber Security? Discover Cyber Security Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.

• Security Architecture & Migration: Design and deploy secure, high-availability, and scalable network and cloud security architectures. Lead complex projects to migrate clients from legacy firewalls (or from one vendor to the other) while minimizing business disruption.
• Zero Trust and SASE Implementation: Architect and deploy advanced capabilities like Zero Trust Network Access (ZTNA) and Secure Access Service Edge (SASE) using vendor-specific platforms (e.g., Prisma Access, FortiSASE).
• Advanced Feature Configuration: Implement and optimize critical security features, including advanced URL filtering, IPS/IDS, SSL decryption, WildFire/FortiGuard integration, SD-WAN overlays, and VPN tunneling (IPSec/SSL).
• Security Architecture & Design: Architect enterprise-level security solutions, ensuring all deployments adhere to security best practices, industry compliance standards (e.g., NIST, ISO 27001), and a fundamental Zero Trust security model.
• Implementation & Optimization: Execute hands-on configuration, integration, and fine-tuning of platforms to maximize threat prevention capabilities (e.g., App-ID, User-ID, WildFire, Threat Prevention).
• Client Advisory & Training: Act as a subject matter expert, providing post-implementation knowledge transfer, technical mentorship, and high-quality documentation to client engineering and SOC teams.
• Advanced Troubleshooting: Utilize deep knowledge of network protocols (TCP/IP, BGP, OSPF, VPNs) and security telemetry to diagnose and resolve complex multi-domain technical issues in high-pressure client environments.

Qualifications:

• Minimum 5 years of hands-on experience in a dedicated cybersecurity engineering or consulting role. Consulting experience is highly preferred for this role, as it ensures familiarity with the cadence and nature of the industry.
• Minimum 3 years of deep, demonstrable experience in designing, deploying, and managing a significant portion of the Palo Alto Networks OR Fortinet product stacks (NGFW is mandatory; additional expertise in Cortex/FortiEDR and/or Prisma/FortiCNP is highly desired)
• Expert-Level Firewall Proficiency: Demonstrated ability to configure, troubleshoot, and manage complex environments using both:

Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.

• Palo Alto Networks: Deep expertise in PAN-OS, policies, NAT, Threat Prevention, and Panorama management.
• Fortinet: Deep expertise in FortiOS, VDOMs, FortiGuard, and centralized management via FortiManager/FortiAnalyzer.
• Solid understanding of core security principles across multiple domains (e.g., CIA Triad, Zero Trust, MITRE ATT&CK, Network, Cloud, IAM, GRC, Application Security).
• Advanced knowledge of networking fundamentals (L2/L3 routing, switching, VPNs, IPSEC, PKI) as they relate to network security implementation.
• Proven ability to work independently, manage project timelines, and deliver high-quality technical documentation and client reports.
• Excellent verbal and written communication skills, with the ability to clearly articulate complex technical issues to both technical and executive audiences.

Certifications (Must actively hold and maintain at least one of the below):

• Palo Alto Networks Certified Network Security Engineer (PCNSE)
• Fortinet Network Security Expert Level 7 (NSE 7) or higher
• Preferred (Plus): CISSP, CISM, Fortinet NSE 8, Palo Alto PCCSE, or CCIE Security.