About the Role

The Network Security Engineer will join the US Solutions Delivery team, implementing and supporting enterprise firewall and network security solutions across customer environments. This is a hands-on, delivery-focused role centered on Cisco ASA and FTD platforms, and NGFW deployments. The engineer owns assigned workstreams end-to-end - from lab validation through production cutover — and works closely with architects, project managers, and customer stakeholders. The engineer should be US Citizen and willingness to travel is required.

Key Responsibilities

Firewall Deployment & Operations

• Implement and configure enterprise firewall and network security solutions (NGFW/FTD, VPNs, NAT, NAC/ISE, SASE) in alignment with approved designs
• Manage and maintain firewall policies, including access rules, NAT, objects, zones, and security profiles following best practices
• Perform testing and validation of firewall rules and security configurations in lab or staging environments before production deployment

Migration & Troubleshooting

• Support firewall migrations from Cisco ASA and third-party platforms to Cisco FTD
• Troubleshoot and resolve firewall and network security issues, including traffic drops, NAT issues, VPN failures, and routing/DNS/DHCP dependencies
• Identify and implement opportunities for optimization and automation, such as rule cleanup, standardization, and workflow improvements

Execution & Coordination

• Collaborate with architects, senior engineers, and project managers to ensure accurate and timely solution delivery
• Participate in project sync-ups and technical discussions to understand requirements, scope, and deployment sequencing
• Take ownership of assigned tasks end-to-end, including escalation, root cause analysis (RCA), and issue resolution

Documentation & Continuous Improvement

• Create and maintain comprehensive documentation, including firewall rules, network diagrams, VPN inventories, and operational runbooks
• Stay current on firewall platforms, SASE, Zero Trust, and network security practices, applying new learnings to day-to-day delivery work

Basic Qualifications

• Candidate should be a US citizen.
• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or related field
• 5-7 years of experience in cybersecurity, with a strong focus on firewall design and implementation
• 4+ years of hands-on experience designing and implementing Cisco ASA and Cisco FTD firewall environments or any third-party firewalls such as Palo Alto/Fortinet/Checkpoint experience with limited Cisco Firewall experience.
• Proven expertise in troubleshooting firewall and VPN connectivity issues, including NAT, routing, and policy-related problems
• Good understanding of NGFW features such as malware protection, threat detection, URL filtering, SSL decryption, and Intrusion Prevention Systems (IPS); hands-on experience preferred
• Experience working with multi-instance firewall environments
• Strong understanding of core networking concepts: TCP/IP, DNS, DHCP, subnetting, NAT, VPNs, and routing/switching fundamentals
• Willingness to travel across the U.S. to support customer deployments and firewall rollouts.

Preferred Qualifications

• CCNP Security certification or equivalent demonstrated expertise
• Experience with Cisco Secure Access, Umbrella, or XDR platforms.
• Knowledge of Zero trust/SASE implementations.
• Knowledge of Cisco ISE for NAC/802.1X integration alongside firewall deployments
• Experience with security automation and scripting (Python, Ansible, APIs)
• CISSP, GIAC, or other industry-recognized security certifications
• Familiarity with compliance frameworks (PCI-DSS, HIPAA, SOC 2, NIST)
• Prior experience in a consulting, professional services, or partner-led delivery model

Salary Range

$90,000 - $140,000 USD + Benefits

This is a full-time role with Gruve. Please note that Gruve does not provide visa sponsorship for this position; candidates must be U.S. citizens or Green Card holders to apply. This is an on-site role based in Edison, New Jersey.

‍