Network & Security Engineer bei Hyopsys

Description

  Job Summary:

The Network & Cloud Security Engineer is responsible for securing and maintaining enterprise network and cloud environments, ensuring availability, performance, and protection against internal and external threats. This role supports both traditional and modern infrastructure—managing networking devices, VPNs, IoT, DNS, and line of business integrations—while leading vulnerability and threat management initiatives. The ideal candidate is a highly skilled technical engineer with hands-on experience across firewalls, XDR/MDR, pen testing, and modern network/cloud security tools..

Supervisory Responsibilities

· None.

Endpoint Duties & Responsibilities:

· Configures, manages, and troubleshoots network hardware including firewalls, switches, WAPs, and routers (SonicWall, Fortinet, Ubiquiti, Cisco).

· Manages and monitors site connectivity, ISP performance, and respond to outages related to internet or external power disruptions. Creates methods to automate repair and communication with customers and vendors

· Oversees VPN, IPSEC, and GSA configurations for secure remote access.

· Deploys and manages client VPNs, ensuring performance and compliance with company security policies.

· Utilizes Traverse (or similar tools) for proactive network monitoring and alerting.

· Conducts network discovery using VSA tools to maintain asset visibility and ensure proper documentation.

· Support the secure deployment and maintenance of IoT devices, including: Paging systems, Networked printers, Surveillance cameras, Electronic door access systems.

· Administers and supports VOIP platforms (EvolveIP, Vonage, CallTower).

· Integrates and secures Microsoft Teams for internal collaboration and conferencing.

· Manages conferencing tools, ensuring security, uptime, and quality of service.

· Oversees internal and external DNS management, ensuring accurate resolution and redundancy.

· Manage domain registrar accounts, ensuring timely renewals, ownership tracking, and DNS configuration accuracy.

· Leads vulnerability detection and remediation efforts using tools such as vPenTest,VulScan Network (Product Owner responsibilities), and MDR/XDS services

· Prioritizes and tracks network vulnerability remediations.

· Reports on vulnerability trends and supports continuous improvement in network hardening and risk mitigation.

· Deploys and monitors XDR/MDR/CDR platforms such as RocketCyber and SaaS Alerts (with focus on account compromise detection and remediation)

· Investigates and responds to security incidents, ensuring appropriate containment and resolution.

· Assists in tuning threat detection tools to minimize false positives and improve response accuracy.

· Consultant and Engineer for deeper integrated Line of Business applications that comprise network or multipoint connectivity over networks and clouds like Shipping, Quickbooks, Finance, client CRMs, ERPs, and EHRs.

· 20% Travel to client sites

· Performs other duties as assigned. 

Product Ownership and System Maintenance

· Primary owner and responsible party for the assigned toolsets/platforms/vendors and their outcomes which includes all aforemented products in this job description like FortiCloud, Sonicwall, BlueIris, Verkada, Domain Registrations, RocketCyber, and SaaSalerts

· Expected to make system adjustments, recommendations, and improvements.

· Create recurring maintenance procedure and effectively execute.

· Expected to be knowledgeable on related topics/systems to complete projects, onboardings, support escalations.

· Ability to estimate subject area labor, software, licensing, and hardware costs.

Time Commitments & On-Call Expectations:

· Full-Time Role – Regular business hours with flexibility as required by project or incident response needs.

· On-Call Rotation – Participate in Tier 1 NOC and Tier 2 SOC escalation rotation every 2–3 months for a 2-week period.

· Tier 3 On-Call – Always available 24x7 for your designated area of responsibility. If Tier 2 (Tech Management) cannot resolve an issue, you are expected to respond to Tier 3 on-call inquiries within 2–4 hours.

Requirements

Required Skills & Abilities: 

· Solid understanding of DNS, network segmentation, and cloud-based communications platforms.

· Strong problem-solving skills and the ability to think critically in complex situations.

· Proficiency with scripting or automation in a network/security context (PowerShell, Python, etc.) is a plus.

· Excellent organizational skills with attention to detail.

· Strong troubleshooting skills and ability to handle escalated technical issues.

· Excellent documentation, communication, and time-management skills.

Education & Experience:

· Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or equivalent experience.

· 3–5 years of experience in network engineering and security operations.

· Hands-on experience with enterprise-grade firewalls, routers, VPNs, and VoIP network platforms.

· Experience managing vulnerability and threat detection systems in production environments.

Physical Requirements:

· Prolonged periods sitting at a desk and working on a computer.

· Occasionally, equipment may need to be lifted or moved up to 25 lbs.