Senior Network Security Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Avangrid ยท 1 day ago

Senior Network Security Engineer

positionOrange, CT
timeFull-time
remoteOnsite
seniorityMid, Senior Level
money$114K/yr - $143K/yr
date5+ years exp

Avangrid is seeking a highly skilled Senior Network Security Engineer to join their team and play a key role in securing, optimizing, and transforming their enterprise network infrastructure. The ideal candidate will manage and enhance security infrastructure, focusing on firewall security, NAT, IPSEC, and SD-WAN solutions.

Charity
check
H1B Sponsor Likelynote

Responsibilities

Lead the migration from Checkpoint to Fortinet, including policy conversion, rule optimization, and traffic validation
Manage and maintain Cisco ASA, Palo Alto, Fortinet, and Checkpoint firewalls across corporate, cloud, and remote sites
Design and optimize firewall rule sets for improved security, performance, and compliance
Perform risk assessments and firewall audits to ensure network security best practices
Manage and optimize SD-WAN architecture to improve application performance and reduce latency
Implement policy-based traffic steering, failover mechanisms, and WAN optimization
Ensure seamless integration between SD-WAN, firewalls, cloud security solutions, and on-prem networks
Troubleshoot SD-WAN performance issues, routing conflicts, and connectivity problems
Work with network and security engineers to ensure secure connectivity between on-premises, branch locations, and cloud
Design and implement NAT policies, including static NAT, dynamic NAT, and PAT (Port Address Translation)
Configure and troubleshoot EIGRP, BGP, and OSPF for enterprise and cloud routing
Optimize routing policies to ensure high availability, redundancy, and performance
Work closely with the network engineering team to enhance SD-WAN, inter-site, and cloud connectivity
Administer and optimize Zscaler ZIA/ZPA solutions for secure cloud access and web filtering
Implement zero-trust security policies for cloud applications and remote users
Troubleshoot Zscaler tunnels, proxy configurations, and application access issues
Implement and maintain Radware DDoS protection to safeguard network infrastructure from volumetric and application-layer attacks
Configure IPS/IDS solutions to detect and mitigate security threats
Work with SOC teams to analyze and respond to security incidents
Lead firewall, SD-WAN, NAT, and routing issue troubleshooting affecting business-critical applications
Perform packet capture analysis and use security logs to diagnose network issues
Work with vendors (Cisco, Fortinet, Palo Alto, Zscaler) to resolve complex technical issues
Develop and enforce firewall and network security policies in compliance with NIST, CIS benchmarks, and ISO 27001 standards
Conduct regular security audits and risk assessments
Maintain up-to-date documentation of firewall rules, SD-WAN policies, and security configurations
Develop scripts (Python, Bash, PowerShell) for automating firewall audits and SD-WAN policy updates
Optimize firewall and SD-WAN policies to reduce latency and improve efficiency
Implement network automation frameworks to streamline security operations

Qualification

Fortinet FortiGateCisco ASAPalo Alto FirewallsSD-WAN solutionsEIGRPBGPOSPFZscaler ZIA/ZPANATDDoS protectionVPN technologiesZero-trust securityAnalytical skillsPythonAnsibleTerraformAWSAzureGCP

Required

5-8 years of experience in network security engineering
Expertise in Fortinet FortiGate, Checkpoint, Palo Alto, and Cisco ASA firewalls
Strong knowledge of SD-WAN solutions (Fortinet SD-WAN, Cisco SD-WAN, Prisma Access)
Experience configuring and troubleshooting EIGRP, BGP, and OSPF routing protocols
Hands-on experience managing Zscaler ZIA/ZPA for cloud security
Proficiency in VPN technologies (IPSec, SSL, GRE, DMVPN, L2TP) and their security implications
Strong skills in NAT, firewall rule optimization, and routing table analysis
Experience with Radware DDoS protection, IPS/IDS, and threat mitigation
Knowledge of zero-trust security architectures and secure SD-WAN implementation
Strong analytical skills for troubleshooting network security issues, including packet captures and firewall logs

Preferred

Certifications: Fortinet NSE 4/7, Checkpoint CCSA/CCSE, Palo Alto PCNSA/PCNSE, Cisco CCNP Security, Zscaler ZCCP, SD-WAN certifications
Experience with AWS, Azure, and GCP cloud security best practices
Familiarity with SIEM solutions for security event monitoring
Experience automating security tasks using Python, Ansible, or Terraform

Company

Avangrid

twittertwitter
Glassdoor3.3
company-logo
Avangrid, Inc.
dateFounded in 1997
location
Orange, Connecticut, USA
people-size5001-10000 employees
web-link
https://www.avangrid.com/aboutus/avangridfoundation

H1B Sponsorship

Avangrid has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (9)
2024 (5)
2023 (6)
2022 (5)
2021 (3)
2020 (3)

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Alfredo del Canto
SVP Chief of Staff to CEO
linkedin
leader-logo
Bob Kump
Deputy CEO and President
linkedin

Recent News

Morningstar.com
CORRECTING and REPLACING Avangrid Foundation Opens Applications for 2025 Wildlife Rehabilitation Grant Program
2025-09-15
Company data provided by crunchbase