Lead Network & Security Engineer - CCIE Certified

We are looking for a skilled and strategic Lead Network & Security Engineer to architect, manage, and secure enterprise-wide network systems. This senior role demands deep technical expertise across firewalls, VPN, IPS, Zscaler cloud security, switching technologies, SD-WAN, and wireless solutions. Youll lead design initiatives, mentor engineers, and ensure robust security postures across complex hybrid environments.

Lead Network Engineer L4 (CCIE Certified) | 9 -15 Y | Mumbai (Hybrid) |

We have open vacancies for L3 / L2 - Network Engineer for the same work location.

Key Skills :

- Switching (VLAN, STP)

- Firewall - Cisco ASA, Fortinet FortiGate, Checkpoint

- SD WAN - Fortinet SD-WAN

- Wireless - Cisco WLC, Aruba, Meraki

- DNS / DHCP / NTP

- Firewall / VPN / IPS / Zscaler

Key Responsibilities :

- Design and manage firewall deployments using Cisco ASA, Fortinet FortiGate, and Checkpoint, including advanced rule base optimization and threat mitigation

- Architect, configure, and monitor VPN solutions (IPsec, SSL VPN) for secure connectivity across global networks

- Oversee implementation and tuning of Intrusion Prevention Systems (IPS) to defend against evolving threats

- Administer and optimize Zscaler Internet Access (ZIA) and Private Access (ZPA) policies for cloud security and access control

- Lead Layer 2/3 switching operations, including VLAN configuration, Spanning Tree Protocol (STP) tuning, and traffic segmentation

- Deploy and maintain Fortinet SD-WAN solutions for resilient connectivity and bandwidth optimization

- Manage enterprise wireless infrastructure across Cisco Wireless LAN Controller (WLC), Aruba, and Meraki platforms for performance and security

- Ensure reliable and secure operation of network services like DNS, DHCP, NTP, including redundancy and fault-tolerance

- Conduct network risk assessments, penetration testing coordination, and remediation planning

- Collaborate with cross-functional teams on security posture improvements, incident response strategy, and zero-trust architecture

- Document network diagrams, policies, procedures, and change requests with a focus on audit readiness

Required Skills :

- Advanced experience in firewall rule audits, traffic shaping, and security policy enforcement

- Strong knowledge of Zscaler cloud security architecture and integration; Scripting or automation (Python, Bash, PowerShell) is a plus

- Proficiency in VLAN routing, trunking, STP troubleshooting, and link redundancy

- Solid command of SD-WAN architectures, overlay networks, and branch-office deployments

- Competent in core services like DNS zone management, DHCP scopes, and NTP synchronization.

Prefer candidates who can join in less than 2 weeks or by early Sep 2025.