Job ID: JOB_ID_5177
Role Overview:
We are seeking a highly skilled Network Security Engineer (L3) to join our team. This role is critical for maintaining and enhancing the security posture of our clients’ network infrastructure. You will serve as the primary L3 escalation point for complex network security incidents, providing deep-dive analysis and resolution beyond L1/L2 capabilities. Your expertise will be vital in leading proactive monitoring, event triage, and root cause analysis to develop permanent remediation strategies for recurring security incidents and vulnerabilities.
Key Responsibilities:
- Serve as the primary L3 escalation point for complex network security incidents, providing deep-dive analysis and resolution beyond L1/L2 capabilities.
- Lead proactive monitoring and event triage across customer-managed security infrastructure including firewalls, IDS/IPS, SIEM platforms, and endpoint security tools.
- Perform root cause analysis (RCA) and develop permanent remediation strategies for recurring security incidents and vulnerabilities.
- Manage and respond to security events related to malware, advanced persistent threats (APTs), DDoS, unauthorized access, and policy violations.
- Administer and fine-tune security technologies including SIEM (Splunk, QRadar), Firewall (Palo Alto, Cisco ASA/Firepower, Fortinet), PAM, IAM, and Cloud Security tools.
- Oversee vulnerability management lifecycle from scanning and prioritization to remediation tracking and reporting.
- Ensure SLA compliance for incident detection, response, and resolution across all managed accounts.
- Develop and maintain SOPs, runbooks, and knowledge base articles to enhance team capability and consistency.
- Participate in change management processes, reviewing and approving firewall rule changes, access requests, and security configuration updates.
- Provide executive-level incident reports and briefings to client stakeholders and internal leadership as required.
- Mentor and provide technical guidance to L1 and L2 engineers, supporting skill development and operational excellence.
- Collaborate with client IT teams, vendors, and third-party security partners on security projects and initiatives.
Required Qualifications:
- 8+ years of hands-on experience in network security operations, SOC, or managed security services.
- Deep expertise in firewall administration: Palo Alto Networks (PCNSE preferred), Cisco Firepower/ASA, Fortinet FortiGate, or Check Point.
- Proficiency with SIEM platforms: Splunk (SPLK-1002/3002 preferred), IBM QRadar, or Microsoft Sentinel.
- Strong understanding of network protocols: TCP/IP, BGP, OSPF, VLANs, VPNs (IPSec/SSL), DNS, HTTP/S.
- Experience with vulnerability management tools: Tenable Nessus, Qualys, or Rapid7 InsightVM.
- Familiarity with IAM and PAM solutions (CyberArk, BeyondTrust, Okta, Azure AD).
- Solid understanding of cloud security principles across AWS, Azure, or GCP environments.
- Demonstrated experience working in an ITIL-based service delivery model with SLA accountability.
- Strong analytical, troubleshooting, and documentation skills.
- Ability to work in a 24×7 on-call rotation environment.
Preferred Qualifications:
- Industry certifications: CISSP, CISM, CEH, CCNP Security, PCNSE, or equivalent.
- Experience supporting Fortune 500 or enterprise-scale managed security environments.
- Exposure to Zero Trust architecture, SASE, or SD-WAN security frameworks.
- Scripting/automation skills (Python, PowerShell, Bash) for security task automation.
- Prior experience with ServiceNow for ITSM and incident management workflows.
- Experience supporting VIP/executive-level incidents with executive communication skills.
Special Requirements
ONLY USC/GC; Need local only in San Jose, CA; Onsite interview
Compensation & Location
Salary: $120,000 – $160,000 per year (Estimated)
Location: San Jose, CA
Recruiter / Company – Contact Information
Email: in.usrecruiter@gmail.com
Recruiter Notice:
To remove this job posting, please send an email from
in.usrecruiter@gmail.com with the subject:
DELETE_JOB_ID_5177