Apply on Employer Site

JLL · 19 hours ago

Cloud Network Engineer

Chicago, IL

Full-time

Onsite

Senior Level

$121K/yr - $176K/yr

5+ years exp

Jones Lang LaSalle, an international commercial real estate firm, is seeking a skilled and motivated cloud network engineer with expertise in traditional networking and cloud networking technologies. The successful candidate will oversee network architecture delivery, segmentation deployments, firewall security engineering, and cloud network operations.

CommercialReal Estate

H1B Sponsor Likely

Responsibilities

Hands-on experience with cloud networking, Palo Alto firewalls in Azure & AWS, and segmentation platforms such as Illumio Core/Cloud and Guardicore (Akamai Segmentation)

Implement and maintain micro-segmentation policies, including application dependency mapping, rule-set creation, and enforcement across hybrid workloads

Experience designing and supporting segmentation architectures to enhance security posture and reduce lateral movement risks

Strong understanding of zero-trust network segmentation principles and how they apply to enterprise network security

Extensive experience implementing and maintaining firewalls and staying updated on newly released security vulnerabilities and their impact on the network

Perform ongoing optimization of network security devices and segmentation platforms to ensure adequate capacity, availability, and scalability

Implement, troubleshoot, and document network security infrastructures and segmentation deployments, including policy testing, traffic flows, and enforcement validation

Expertise in modifying firewall rule sets, segmentation rules, changing security policies, whitelisting, content filtering, and troubleshooting traffic flows across firewalls, segmentation tools, routers, and switches

Strong knowledge of Layer 4–7 app-aware firewalls and micro-segmentation traffic policies

Establish and modify site-to-site VPNs and secure connectivity paths for segmented workloads

Manage threat protection, URL blocking, IOC feeds, routers, switches, segmentation policies, and endpoint enforcement controls

Periodically monitor firewall and segmentation agent health, performance, and capacity across global environments

Participate in Change Management processes, including creating change requests, performing peer reviews, validating segmentation change impact, and executing firewall or segmentation modifications

Develop detailed build and test plans for implementing firewalls and segmentation deployments

Coordinate with IT teams to ensure standardized network and segmentation configurations, control frameworks, and enforcement practices

Recommend enhancements to improve network reliability, segmentation accuracy, security posture, and operational performance

Collaborate globally with IT teams—security, cloud, data center, and application teams—to resolve issues and ensure network/segmentation alignment

Define reusable network and micro-segmentation patterns for branch, data center, and cloud environments

Document segmentation deployments, firewall standards, policy frameworks, and configuration baselines

Experience with network automation tools such as Ansible, Terraform, Python (e.g., automating policy pushes, firewall rules, segmentation updates)

Wireless network design, support, and troubleshooting

Understanding of TCP/IP Stack, AD, DNS, DHCP, Routing (BGP, OSPF, VXLAN), and east-west traffic considerations for segmentation

Participate in disaster recovery exercises, including validating segmented application recovery paths and connectivity requirements

Resolve escalations for complex technical problems involving firewalls, segmentation agents, cloud networking, and hybrid routing

Participate in incident management and problem resolution for global network and segmentation issues

Design and implement cloud network architectures using best practices, incorporating segmentation and zero-trust principles

Deploy and troubleshoot firewall based decryption of HTTPS traffic

Integration of cloud networking environments into global corporate network using direct connections, SDWAN, and security architectures

Troubleshoot application traffic flows with application developers through complex multi-cloud environments

Design, implement, deploy, and troubleshoot IPsec VPNs

Qualification

Cloud networkingFirewall engineeringMicro-segmentationNetwork architecturePalo Alto firewallsIllumioGuardicoreAWSAzureOperational leadershipCommunication skillsDecision-making

Required

Bachelor's degree in Computer Science, IT, Engineering, or related field

Minimum 5 years experience in network architecture or design, with a global infrastructure focus

Experience with micro-segmentation tools (Illumio, Guardicore) including policy creation, enforcement, and application dependency mapping

Strong understanding of Firewalls, segmentation frameworks, WAN, SD-WAN, network protocols, subnetting, VPNs, QoS, and zero-trust concepts

Experience with cloud network architecture (AWS, Azure, GCP)

Expertise in network hardware (Cisco, Palo Alto, etc.) and segmentation agents

Experience operating at enterprise scale across WAN, LAN, Data Center, Cloud, and segmented environments

Ability to participate in 24x7 on-call rotation

Strong knowledge of network security best practices and segmentation strategies

Excellent communication skills and ability to work in a global team

8+ years of hands-on networking and network security support

Hands-on experience with Palo Alto firewalls, Panorama, and security profiles

Experience with Illumio segmentation, Guardicore segmentation, or equivalent platforms

Cloud networking experience with AWS and Azure, including routing, firewalling, and segmentation

Ability to resolve complex customer and network/segmentation issues

Strong understanding of infrastructure, firewall engineering, segmentation design, and security architecture

Strong troubleshooting skills for Palo Alto and segmentation agents

Experience implementing global network and segmentation solutions

Experience deploying firewalls and segmentation in cloud, data center, and edge environments

Knowledge of ITIL processes and change management

Strong decision-making and operational leadership skills

Proven track record of global network designs, firewall/security implementations, and segmentation projects

Self-starter with ability to work independently or collaboratively

Preferred