Skills

Communication Leadership Python Network Security Incident Response Firewalls Encryption Cloud Security Monitoring Configuration Management Ansible Networking Architecture Network Architecture Security Architecture Machine Learning Azure AWS Analytics GCP Terraform

Job Specifications

Location: Hybrid - Rancho Cordova, CA or Denver, CO

Length: 12 months, possible direct hire for the right candidate

The Network Security Lead is responsible for designing, implementing, and governing client's global network security architecture across data centers, labs, offices, and cloud environments. This role combines deep engineering expertise with strategic leadership, driving architecture, automation, and operational excellence across Client's hybrid infrastructure.

The Network Security Lead will own the architecture and evolution of all network security domains — including core and lab networks, firewalls, on-premise proxies, and cloud connectivity — while leading and managing the Managed Service Provider (MSP) responsible for daily engineering, administration, and network analysis.

This role emphasizes AI-driven automation, leveraging machine learning and analytics to reduce manual effort and accelerate detection, response, and configuration management across the enterprise.

REQUIRED QUALIFICATIONS

Knowledge, Skills & Abilities

• Expertise in network and security architecture design, including:

o NGFWs, VPNs, SD-WAN (Prisma Access), segmentation, proxies, and hybrid connectivity

o Network automation frameworks (Ansible, Terraform, Python)

o Routing and switching protocols: BGP, OSPF, EIGRP, VXLAN, MPLS

o DNS/DHCP/IPAM (Infoblox), SSL/TLS, PKI, SSO/SAML/OAuth

o Cloud networking (Azure, AWS, GCP) — transit gateways, VPC/VNet security groups, private endpoints

• Deep understanding of Zero Trust Network Architecture (ZTNA) and Secure Access

Service Edge (SASE) models.

• Strong vendor management and contract governance experience with Managed

Service Providers.

• Experience applying AI and automation in operational network management,

security analytics, and policy optimization.

• Excellent communication and leadership skills to translate technical strategy into

business impact.

Education and Certifications

• Bachelor’s or Master’s degree in Computer Science, Computer Engineering, or related technical discipline.

• 8+ years of experience in network security, infrastructure engineering, or equivalent field.

• 3+ years of experience in architecture-level leadership or MSP oversight.

• Preferred certifications:

o Cisco CCNP/CCIE Security

o Palo Alto PCNSE

o AWS Certified Advanced Networking or Azure Network Engineer Associate

o CISSP or equivalent cybersecurity certification

Essential Duties & Responsibilities

Architectural Leadership

Design and maintain global network security architecture across corporate, data center, lab, and cloud environments (Azure, AWS, GCP) with hub-spoke and zero-trust models.
Develop reference architectures for Prisma Access SD-WAN, NGFW, Infoblox DNS/DHCP, and VPN platforms.
Collaborate with Infrastructure, Network, Cloud, and InfoSec teams to ensure consistent policy enforcement.
Define long-term network security roadmap for resilience, performance, and scalability.

Operational Oversight & Vendor Management

Lead and manage MSP for L2/L3 network security engineering, administration, and monitoring.
Define performance metrics, SLAs, escalation procedures, and automation goals.
Oversee incident response, firewall object management, certificate/license updates, session table maintenance, and SOP execution.
Optimize privileged access, onboarding, browser integrations, and OTP verification processes.
Maintain and update SOPs to reflect evolving technologies and enterprise needs.

Automation & AI Integration

Implement AI/ML for network telemetry analysis, anomaly detection, and automated response workflows.
Drive AIOps, predictive analytics, and zero-touch provisioning to reduce manual effort.

Engineering & Governance

Provide guidance on routing, switching, segmentation, encryption, and authentication frameworks.
Enforce network security policies and standards; review firewall, ACL, and proxy changes.
Conduct security architecture reviews for projects and cloud integrations.
Report on security posture, incidents, and improvements in QBRs and executive meetings.

Mentorship & Collaboration

Mentor engineers across Infrastructure and InfoSec teams.
Align network and cyber defense strategy with CISO, Cloud Security, and SOC leaders.
Support compliance and audit evidence collection for internal/external audits.

Platform Expertise & Incident Response

Maintain expertise in platforms like Panorama, NP Extranet, aiSSD, and browser integrations.
Lead root cause analysis, session table clearances, and error remediation following SOPs.

About the Company

We are a women-owned minority business enterprise at the forefront of talent management solutions. We provide managed services to our clients, domestically and globally, in the areas of IT, Engineering, Business Professionals, Finance, Marketing, Life Sciences, and the Creative Services Suite. Through our domain-specific expertise and customized client delivery processes, we will help you solve your worries with certainty and awareness. Cube Hub is driven by our culture of purpose, shared values, and perpetual growth. Loyalt... Know more