Job Description:
Network Security Subject Matter Expert
We are seeking a highly skilled Network Security Subject Matter Expert (SME) to strengthen and optimize security controls across a large‑scale enterprise environment.
In this role, you will work extensively with next‑generation firewalls, VPN, SASE, OT security monitoring, and Linux-based proxy technologies, ensuring secure, resilient, and well‑governed network access across on‑premises and cloud environments.
While your core focus will be on Fortinet, Barracuda, and Netskope VPN, you will also support broader network defenses including Check Point, Azure Firewall, OT/ICS visibility (Nozomi), Squid Proxy, and threat‑detection ecosystems.
Exposure to Darktrace Network/Email/OT modules will be considered an added advantage.
If you enjoy owning technical domains, enhancing security posture, and working closely with enterprise stakeholders, this role provides a strong platform to demonstrate your expertise and drive measurable impact.
Job Description:
- Lead deployment and optimization of Fortinet Firewalls, including policy management, VPN setup, and troubleshooting to maintain strong perimeter security.
- Administer and support Barracuda Firewalls, handling rule updates, threat‑protection features, and connectivity issues to ensure stable and secure operations.
- Support deployment, tuning, and maintenance of Netskope VPN / Private Access, enabling secure remote connectivity through zero‑trust access controls and user‑based security policies.
- Assist with integration and operations of Nozomi OT Security or other OT/ICS network‑visibility platforms, enabling anomaly detection, asset discovery, and monitoring of industrial network traffic.
- Provide secondary support for Check Point Firewalls, including rule base updates, policy optimization, and troubleshooting using Smart Console and traffic logs.
- Assist in configuration and management of Azure Firewall, including DNAT/SNAT rules, network/application rules, threat‑intelligence filtering, and traffic‑monitoring capabilities.
- Implement and manage Squid Proxy (Linux‑based), including ACL configurations, access rules, HTTPS tunneling, caching policies, and proxy‑traffic troubleshooting.
- Monitor and analyze network‑security alerts, investigate traffic anomalies, and support incident response workflows in collaboration with SOC and Network Engineering teams.
- Experience with Darktrace (Network, Email, or OT modules) for anomaly detection and autonomous response will be considered an added advantage.
- Conduct packet‑level troubleshooting using tools such as tcpdump and Wireshark to resolve complex firewall, routing, proxy, and VPN issues.
- Review and refine firewall rulesets, segmentation designs, and security controls to strengthen overall network access and reduce attack surface.
- Prepare documentation, change records, topology diagrams, and operational handover materials after deployments or configuration updates.
Job Level required: Network Security Subject Matter Expert
- Apply strong, hands‑on expertise to support enterprise network‑security objectives.
- Work independently on moderate to advanced technical tasks.
- Contribute to design, deployment, tuning, and support of network‑security controls.
- Collaborate with SOC, OT, and Network Engineering teams to ensure consistent security enforcement and visibility.
- Supports junior engineers and contributes to internal process improvement and documentation efforts.
Technical Skills and Experience Required:
Essential Requirement:
3–5 years of experience in network security engineering, firewall operations, VPN technologies, or OT network monitoring. Strong understanding of network‑security architecture, routing fundamentals, firewall policy design, and zero‑trust access concepts.
Required Technology Implementation Experience
(Experience in a minimum of 3 of the following is required)
Must Have:
- Fortinet Firewall (FortiGate, FortiManager, FortiAnalyzer)
- Barracuda Firewall
- Netskope VPN / Private Access
Desired:
- Nozomi OT Security (or other OT/ICS visibility tools)
- Check Point Firewall
- Azure Firewall
- Squid Proxy (Linux)
Added Advantage:
- Darktrace (Network / Email / OT)
- Packet‑capture tools (tcpdump, Wireshark)
- Linux administration experience
- Basic scripting (Bash/Python)
At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.
Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.