Network Security Engineer (Firewall & NAC)

🌍 Remote, USA 🎯 Full-time 🕐 Posted Recently

Job Description

About the position

UMG is seeking an experienced Network Security Engineer (Firewall & NAC) to join our Global Network Infrastructure team. This role plays a critical part in UMG’s Global Security and Cybersecurity strategy by designing, standardizing, and operating enterprise firewall and perimeter security platforms. The ideal candidate will have deep hands-on experience with next-generation firewall technologies, a strong focus on security standardization, and the ability to partner closely with Cybersecurity and Infrastructure teams in a global enterprise environment.

Design, deploy, and support enterprise firewall and perimeter security solutions
Build, implement and maintain security controls aligned with Zero Trust and least-privilege principles
Lead standardization efforts across firewall platforms and configurations
Define and maintain Network Access Control (NAC) strategy, standards, and architectures (Cisco ISE) to support secure enterprise access.
Design, implement, and operationalize NAC policy including authentication/authorization, device profiling, and identity-based segmentation enforcement.
Own network security logging and telemetry strategy for firewall and NAC controls, including log scope, retention, access controls, and audit readiness.
Design and implement logging methods and systems (e.g., syslog, API-based ingestion, cloud-native logging) to onboard network security events into the enterprise SIEM for monitoring and incident response.
Partner with the SOC to define alerts, dashboards, and investigation workflows based on firewall and NAC security logs.
Perform security assessments and contribute to risk reduction initiatives
Serve as an escalation point for complex firewall and network security issues
Maintain network security standards documentation, configuration standards, and operational runbooks
Participate in technology evaluations and security architecture reviews
Ensure adherence to change, incident, and problem management processes

5+ years of overall IT experience
3+ years in firewall or network security engineering roles
Experience with firewall concepts and implementations, preferably Palo Alto Networks firewalls.
Experience with Network Access Control (NAC) concepts and implementations, preferably Cisco Identity Services Engine (ISE).
Working knowledge of AAA and secure access methods including 802.1X and RADIUS/EAP; familiarity with certificate-based authentication and PKI dependencies.
Experience designing and operating security logging for network security controls, including log source onboarding, normalization, retention, and integration with SIEM platforms.
Solid understanding of IP networking, routing, and security fundamentals
Experience working in large, global, or regulated environments
Strong communication and documentation skills

Security certifications such as CCNP Security, PCNSE, or equivalent
Familiarity with Zero Trust, network segmentation, and security governance frameworks
Experience supporting audits, compliance, or regulatory requirements

Comprehensive medical, dental, and vision coverage
Including 100% coverage for out-patient in-network mental health services
Fertility coverage for eligible medical plan participants
Wellbeing reimbursements for fitness classes, spa treatments, meal services, travel, and so much more (up to $720/year)
Student Loan Repayment Assistance and Tuition Reimbursement
401(k) with 100% immediate vesting on the first 5% of your contributions, plus an additional UMG contribution
A variety of ways to prioritize much-needed time away from work including:
Flexible Paid Time Off (PTO) for exempt employees
3-weeks PTO for non-exempt employees
2-weeks paid Winter Break
10 Company Holidays (including Juneteenth and Wellbeing Day)
Summer Fridays (between Memorial Day and Labor Day)
Generous paid parental leave for every type of parent

Apply tot his job

Apply To this Job