{bc}
linkedin

Lead - Security Engineer (Network Infrastructure)

Petrofac
Sharjah, UAE
Full Time
Lead
4 weeks ago
Network Security ArchitectureFirewallsIDS/IPSSegmentationLAN/WAN/SD WANLoad Balancers
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

Network Security ArchitectureFirewallsIDS/IPS
Smart Apply

Full Job Posting

Role Purpose

  • Own the design and engineering of preventative security controls across network infrastructure, perimeter security, segmentation, and enterprise connectivity.
  • Act as the technical authority for secure by design network and infrastructure security architectures with strong focus on resilience, segmentation, standardisation, and automation.

Key Responsibilities

  • Security Architecture & Engineering: Define network security architecture standards, principles, and reference patterns. Lead security design reviews for network, connectivity, and infrastructure changes. Produce reusable blueprints, standards, and engineering guardrails. Provide technical assurance
  • Network Segmentation, Access Control & Infrastructure Protection: Architect secure segmentation models across enterprise, data centre, and remote sites. Design and govern VLAN strategy, east west and north south traffic controls, and network access boundaries. Implement and enhance NAC, network zoni
  • Firewall, Perimeter & Traffic Security Engineering: Design and maintain firewall policy standards, rule lifecycle governance, and review processes. Engineer preventative controls across next generation firewalls, IDS/IPS, proxy, and secure web gateways. Define ingress, egress, and inter network filt
  • Load Balancing, Application Delivery & Secure Network Services: Define secure load balancer and application delivery controller standards. Implement resilient and secure patterns for internal and external application publishing. Engineer controls for TLS inspection, certificate handling, and secure
  • WAN / LAN / SD WAN Security & Connectivity Governance: Define secure design standards for WAN, LAN, internet breakout, and SD WAN environments. Architect resilient branch and campus security patterns aligned to business and operational needs. Implement segmentation, encrypted transport, routing secu
  • Security Monitoring, Detection & Infrastructure Telemetry: Define infrastructure security logging and telemetry requirements across network platforms. Integrate firewalls, IDS/IPS, load balancers, and network devices with SIEM / SOC processes. Improve visibility of network flows, anomalous traffic,
  • Security Automation & Operational Improvement: Automate network security configuration validation, compliance checks, and control assurance. Define repeatable engineering processes for rule reviews, device hardening, and segmentation governance. Implement infrastructure as code or policy driven appr
  • Partner Oversight & Delivery Governance: Provide engineering oversight to third parties delivering network and security infrastructure services. Define technical requirements, review solution quality, and validate secure delivery outcomes.

Essential Experience Requirements

  • 8–12+ years in network security engineering / infrastructure security architecture.
  • Strong expertise in firewalls, IDS/IPS, segmentation, and enterprise network security.
  • Hands on experience with routers, switches, load balancers, and secure connectivity platforms.
  • Strong understanding of LAN / WAN / SD WAN, remote access, and hybrid network environments.
  • Experience delivering preventative controls, network hardening, and secure infrastructure design.

Desirable

  • Palo Alto / Fortinet / Check Point / Cisco / F5 certifications or equivalent experience.
  • Experience with NAC, ZTNA, SASE / SSE, and network access control technologies.
  • Familiarity with network automation, infrastructure as code, or configuration compliance tooling.
  • TOGAF or architecture training.

Core Skills

  • Network security architecture and design assurance
  • Firewalls, IDS/IPS, and perimeter security engineering
  • Segmentation, VLAN, zoning, and access control
  • Routers, switches, load balancers, and traffic security
  • WAN / LAN / SD WAN security governance
  • Security monitoring, telemetry, and infrastructure automation

Success Measures

  • Reduction in network exposure and attack surface
  • Improved segmentation and access control maturity
  • Firewall and rule base optimisation
  • Secure onboarding of sites, services, and connectivity changes
  • Increased visibility and assurance across network security controls

Positioning Summary

  • Network focused, prevention led security engineering centred on secure connectivity, resilient infrastructure, segmentation, and scalable guardrails.

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at Petrofac