Network Security Engineer – Web Access & Remote Security(Klo Job No 96)

We are seeking a highly skilled Network Security Engineer with hands-on experience in Web Access Security, Remote Access VPN, and Proxy/Content Filtering technologies. The role requires engineering, implementing, and supporting secure web access solutions across hybrid environments (on-premises and cloud SaaS). You will play a key role in designing, deploying, and troubleshooting secure connectivity solutions to protect enterprise users and data. 

Key Responsibilities: 

• Design, deploy, and enhance Secure Web Access Services aligned with security program objectives. 

• Engineer and support Remote Access VPN, Web Proxy, and Content Filtering solutions (Bluecoat, Zscaler, Cisco, Symantec). 

• Configure and maintain proxy policies, authentication methods, and PAC file customizations (JavaScript). 

• Perform incident response, root cause analysis, and major incident management for network security services. 

• Troubleshoot network traffic using packet captures (Wireshark, TCPdump) and resolve connectivity/security issues. 

• Collaborate with vendors and internal teams for incident and problem management. 

• Produce high-quality documentation, including network topology diagrams (Visio), HLDs/LLDs, and technical reports. 

• Apply best practices in endpoint security (EDR, HIDS, host firewall, OS hardening) and encryption/authentication technologies (IPsec, TLS, mTLS, PKI). 

• Understand and troubleshoot network routing and switching (BGP/OSPF, DNS, load balancing, cloud networking). 

Required Skills & Experience: 

• 7–12 years of hands-on experience in network security engineering. 

• Practical expertise in Web Access Security, Remote VPN, and Content Filtering solutions. 

• Strong understanding of encryption protocols, authentication mechanisms, and network troubleshooting. 

• Intermediate Unix/Linux and scripting skills for PAC file customization and automation. 

• Experience with incident handling and problem management in enterprise environments. 

Certifications (Preferred): 

• CCNP Security / CCNP Enterprise (Cisco) 

• Palo Alto PCNSA/PCNSE or Bluecoat BCCPA/BCCPP 

• Zscaler ZCCA-IA / ZCCP-IA 

• Fortinet NSE 4–7 (advantageous) 

• CompTIA Security+ or CASP+ 

• CISSP (preferred for senior candidates)