Network Security Lead

3 days ago


Rancho Cordova, CA, United States Bayone Full time

DEPARTMENT: Information Technology / Enterprise Technology Services (ETS)
REPORTS TO: CISO / Director, Infrastructure & Security
LOCATION: Hybrid (U.S.)
TYPE: Full-time, Exempt
Length: 12 months, possible direct hire for the right candidate

GENERAL SUMMARY
The Network Security Lead is responsible for designing, implementing, and governing Client's global network security architecture across data centers, labs, offices, and cloud environments. This role combines deep engineering expertise with strategic leadership, driving architecture, automation, and operational excellence across Client's hybrid infrastructure.
The Network Security Lead will own the architecture and evolution of all network security domains - including core and lab networks, firewalls, on-premise proxies, and cloud connectivity - while leading and managing the Managed Service Provider (MSP) responsible for daily engineering, administration, and network analysis.
This role emphasizes AI-driven automation, leveraging machine learning and analytics to reduce manual effort and accelerate detection, response, and configuration management across the enterprise.

ESSENTIAL DUTIES & RESPONSIBILITIES
Architectural Leadership
  • Design and maintain Client's global network security architecture, spanning:
    • Core corporate and data center networks
    • Lab network segmentation and lab firewalls
    • On-premise proxies and remote access gateways
    • Cloud security architecture (Azure, AWS, GCP) including hub-spoke and zero-trust models
  • Define the long-term network security roadmap, balancing resilience, performance, and scalability.
  • Develop secure reference architectures for Prisma Access SD-WAN, NGFW, Infoblox DNS/DHCP, and VPN platforms.
  • Partner with Infrastructure, Network, Cloud, and InfoSec teams to ensure consistent policy enforcement and visibility across all network zones.

Operational Oversight and Vendor Management
  • Lead and manage the Managed Service Provider (MSP) responsible for L2/L3 network security engineering, administration, and monitoring.
  • Define performance metrics, escalation procedures, and automation goals for MSP-delivered services.
  • Ensure adherence to SLAs and architectural standards through regular audits and technical reviews.
  • Oversee incident response coordination for network-related security events and P1/P2 outages.
  • Ensure direct or delegated completion of network security operational procedures including firewall object management, certificate/license updates, session table maintenance, and troubleshooting incident error messages.
  • Oversee execution of SOP-defined network security tasks (e.g., AV updates, DR activities, firewall deployments, and privileged access workflows), ensuring completeness and compliance through delegated MSP and internal resources.
  • Lead and optimize privileged access provisioning, external user onboarding, browser extension deployment, and OTP verification processes, ensuring alignment with documented SOPs and policy standards.
  • Regularly review, update, and contribute to network security SOP documentation to ensure operational processes remain tightly integrated with evolving enterprise requirements and new technologies.
Automation and AI Integration
  • Implement AI and machine learning technologies to automate network telemetry analysis, anomaly detection, and response workflows.
  • Reduce manual troubleshooting and analysis by integrating AIOps, predictive analytics, and autonomous configuration management.
  • Drive adoption of automated rule verification, configuration compliance, and zero-touch provisioning across the network security ecosystem.

Engineering and Governance
  • Provide expert guidance on routing, switching, segmentation, encryption, and authentication frameworks.
  • Develop and enforce network security policies and standards, integrating with enterprise GRC systems.
  • Review and approve changes to firewall rules, access control lists, and proxy configurations.
  • Conduct security architecture reviews for new projects and cloud integrations.
  • Participate in quarterly business reviews (QBRs) and executive governance meetings to report on security posture, incidents, and improvement initiatives.
Mentorship and Collaboration
  • Serve as a technical mentor to engineers across the Infrastructure and InfoSec teams.
  • Collaborate with the CISO, Cloud Security, and SOC leaders to align network and cyber defense strategy.
  • Coordinate with compliance and audit functions to ensure evidence of network security control effectiveness.
Compliance and Audit Coordination:
  • Coordinate with audit/compliance teams to supply detailed technical evidence, collect logs/reports, and document SOP compliance for both internal and external audit requirements.
  • Facilitate audit comment tracking and support periodic access verification activities as per SOP guidance.
Platform & Product Expertise:
  • Maintain expertise in Client-specific network security platforms (e.g., Panorama, NP Extranet, aiSSD), browser integrations, and licensing schemes, supporting operational SOPs and driving troubleshooting and integration improvements.
Incident Response & Troubleshooting:
  • Own and participate in root cause analysis, session table clearances, and non-functional error remediation, demonstrating thorough knowledge of day-to-day troubleshooting SOPs.
REQUIRED QUALIFICATIONS
Knowledge, Skills & Abilities
  • Expertise in network and security architecture design, including:
    • NGFWs, VPNs, SD-WAN (Prisma Access), segmentation, proxies, and hybrid connectivity
    • Network automation frameworks (Ansible, Terraform, Python)
    • Routing and switching protocols: BGP, OSPF, EIGRP, VXLAN, MPLS
    • DNS/DHCP/IPAM (Infoblox), SSL/TLS, PKI, SSO/SAML/OAuth
    • Cloud networking (Azure, AWS, GCP) - transit gateways, VPC/VNet security groups, private endpoints
  • Deep understanding of Zero Trust Network Architecture (ZTNA) and Secure Access Service Edge (SASE) models.
  • Strong vendor management and contract governance experience with Managed Service Providers.
  • Experience applying AI and automation in operational network management, security analytics, and policy optimization.
  • Excellent communication and leadership skills to translate technical strategy into business impact.
Education and Certifications
  • Bachelor's or Master's degree in Computer Science, Computer Engineering, or related technical discipline.
  • 8+ years of experience in network security, infrastructure engineering, or equivalent field.
  • 3+ years of experience in architecture-level leadership or MSP oversight.
  • Preferred certifications:
    • Cisco CCNP/CCIE Security
    • Palo Alto PCNSE
    • AWS Certified Advanced Networking or Azure Network Engineer Associate
    • CISSP or equivalent cybersecurity certification

SUCCESS METRICS
  • Delivery of an integrated global network security architecture supporting both corporate and lab environments.
  • Reduction in mean time to detect/respond (MTTD/MTTR) through AI-enabled automation.
  • Demonstrated SLA compliance and operational maturity of MSP-delivered services.
  • Consistent alignment with Client's enterprise risk and governance frameworks.

