Infrastructure Security Engineer (Fortinet / WAF / DNS Security)

We are seeking an experienced Infrastructure Security Engineer to join our Infrastructure Security Tower. The role is focused on securing the network perimeter, protecting application traffic, and ensuring the resilience of our managed security infrastructure. The ideal candidate will have solid hands-on experience with Next-Generation Firewalls, Web Application Firewalls, DNS security technologies, and network security operations across multi-vendor environments.Key ResponsibilitiesIn this role, you will be responsible for managing the security technologies that protect our network and applications. Your daily tasks will include configuring and maintaining NGFW policies, IPS/IDS signatures, SSL inspection features, and VPN configurations across Fortinet, Palo Alto Networks, and Checkpoint platforms. You will also be responsible for managing and optimizing Web Application Firewall (WAF) rules to ensure robust application-layer protection aligned with OWASP standards.You will continuously monitor firewall, DNS, and remote access logs and will escalate suspicious or anomalous activities to the Security Operations Center (SOC) for deeper investigation. Collaboration with OEM and vendor support teams will also be part of your responsibility — this includes handling firmware upgrades, applying vulnerability patches, and reviewing configuration best practices.The role further requires you to support ongoing vulnerability remediation actions, assist in incident follow-ups, and prepare systems for internal and external compliance audits. You will maintain detailed documentation related to system configurations, change requests, SOPs, and operational runbooks, ensuring alignment with the organization’s change-management procedures.Required QualificationsTo succeed in this role, you should have a Bachelor’s degree in Cybersecurity, Network Engineering, Information Technology, or a related field. A minimum of 3 years of hands-on experience in network security operations or infrastructure security support is required.We expect strong skills in firewall policy configurations, VPN technologies, DNS security concepts, and incident response fundamentals. Practical experience with major security technologies is essential, especially Fortinet, including NGFW, WAF, secure switching, and remote-access VPN. Familiarity with Palo Alto Networks and Checkpoint firewalls will be highly advantageous. Exposure to Infoblox Secure DNS and Nutanix Hyperconverged Infrastructure is also preferred.Technology Experience We ValueThe role requires hands-on experience with technologies used to secure traffic, enforce policies, filter threats, and protect critical applications. You will work extensively with Fortinet solutions for NGFW, WAF, VPN, and secure switching. Experience with secure DNS platforms such as Infoblox is ideal, particularly involving DNSSEC, DNS filtering, and domain-level protection. A working understanding of Nutanix-based hyperconverged environments will also be beneficial for managing secure virtualized workloads.