Security Infrastructure Engineer (Fortinet & Zero Trust)

Employer OverviewA national-scale private cloud platform provides secure, integrated IT services across multiple subsidiaries. The platform delivers multi-tenant, high-availability environments with advanced network and application security, supporting compliance, Zero Trust access, and secure workload hosting across hybrid infrastructures.Job SummaryThe Security Infrastructure Engineer is responsible for designing, implementing, and operating the security infrastructure of the private cloud platform. The role ensures secure network and application access, tenant-level segmentation, and Zero Trust principles, while maintaining high availability and compliance across multi-site environments.Key ResponsibilitiesDesign and operate Fortinet security platforms (NGFW, WAF, ADC, NAC, FortiAuthenticator, Sandbox)Implement and manage tenant-level security segmentation and firewall policiesIntegrate Zero Trust access solutions (e.g., AppGate or equivalent)Manage north-south and east-west traffic inspection and security policiesSupport secure application publishing and WAF protectionCollaborate with SOC teams for incident response and threat mitigationEnsure compliance with security policies and regulatory requirementsSupport disaster recovery and high availability for security infrastructureOptimize security performance and scalability across multi-tenant environmentsRequirementsBachelor’s degree in Cybersecurity, Networks, Computer Engineering, or related field (preferred)6–10 years in network and infrastructure securityHands-on experience with enterprise security platforms in large-scale environmentsProven experience with TCP/IP, routing, and network security principlesFamiliarity with SIEM integration and incident response coordinationStrong analytical and problem-solving abilitiesExcellent communication and collaboration skillsDetail-oriented with proactive security mindsetAbility to work independently and in cross-functional teamsFortinet ecosystem: FortiGate, FortiWeb, FortiADC, FortiNAC, FortiAuthenticator, FortiSandboxFirewall policy design and tenant-level network segmentationZero Trust architecture and secure remote accessDDoS protection and traffic filteringApplication security and WAF managementIntegration with SIEM and SOC platformsProficiency with security management, monitoring, and orchestration toolsFamiliarity with hybrid and multi-site cloud environmentsFluency in English (written and spoken)Ability to maintain 24x7 security infrastructure availabilityCapacity to implement secure access and segmentation across multi-tenant environmentsCapability to support DR and high-availability operationsAbility to optimize security performance and enforce compliance policiesFortinet NSE4 / NSE7 / NSE8CISSP or equivalent security certificationCCNP Security or equivalent