Engineer, NetSecOps

Date: 4 Mar 2026

Location: MY

Company: sapuraener

JOB PURPOSE 

Operate and continuously improve the organisation’s network security operations, monitoring and response capabilities. This role focuses on detection and response for network-based threats, security configuration assurance for key network platforms, and rapid incident handling in collaboration with Group IT, internal/external stakeholders and vendors/MSSPs.

 

KEY ACCOUNTABILITY

  • Implement and maintain network security configurations under change management, including firewall policy updates, IPS profiles, VPN/remote access policies, and segmentation/ACL changes.
  • Ensure secure device management hygiene (AAA, admin access controls, management plane protection, secure logging, baseline hardening checks).
  • Monitor and investigate cloud security events using cloud-native telemetry (e.g., AWS CloudTrail/CloudWatch/VPC Flow Logs; Azure Activity Logs/Monitor/NSG Flow Logs).
  • Support secure cloud connectivity and access controls (Security Groups/NSGs, cloud routing controls, VPN/Direct Connect/ExpressRoute monitoring).
  • Maintain cloud logging posture: ensure coverage, retention, and forwarding to SIEM.
  • Operate and support SASE/SSE controls including ZTNA, SWG, CASB, and DLP policies (access enforcement, web security, SaaS governance, data protection).
  • Troubleshoot and resolve access/connectivity issues caused by policy enforcement (blocked apps, SSL inspection impacts, roaming user access), coordinating with endpoint and network teams.
  • Monitor SASE alerts for risky access patterns and potential data exfiltration indicators; escalate incidents based on severity.
  • Support rollout and change activities (pilot groups, policy staging, exception handling, post-change validation).
  • Support remediation by validating exposure (open ports/services, misconfigurations), coordinating fix actions with owners, and confirming closure.
  • Participate in periodic security hygiene activities (firewall rule recertification, VPN access reviews, baseline checks).
  • Maintain accurate documentation: network security changes, incident reports, runbooks, and operational checklists.
  • Support DR and cyber security readiness activities (log retention verification, restore/validation support, tabletop exercises where applicable).
  • Provide operational evidence and support control operation aligned to ISO 27001:2022 & NIST CSF 2.0.

 

Qualifications / Certifications:

  • Bachelor’s degree in Information Systems, Computer Science, or related field.
  • Preferred: CCNA / CCNP (Security or Enterprise) or equivalent networking foundation.
  • Vendor or vendor-neutral certifications in Firewall/Security Operations (e.g., Palo Alto/Fortinet/Cisco), SIEM fundamentals, Cloud fundamentals (AWS/Azure), or SASE/SSE.
  • Additional certifications in Windows/Linux fundamentals for log analysis and endpoint troubleshooting.

 

Relevant Experience:

Minimum 3 years’ experience in IT with hands-on exposure to network operations and network security operations, including routing/switching support, security device configuration, and network monitoring. Experience in maintaining and administering network security controls (e.g., firewall/VPN/segmentation changes) through ticketing and change management is preferred. Exposure to cloud environments (AWS/Azure logging and network controls such as Security Groups/NSGs) and SASE/SSE fundamentals is an advantage.