Senior Firewall & Network Security Engineer The Senior Firewall & Network Security Engineer (NGFW) is a senior, hands‑on technical specialist responsible for the end‑to‑end operational management of the organisation's Next Generation Firewall (NGFW) securityservices, with primary experience in Fortinet FortiGate and similar enterprise firewall platforms. The role ensures effective delivery of layer 7 firewalling, intrusion prevention, VPN, application control, web filtering(including directory integrated policies), anti malware protections, and internal segmentation controls, safeguarding business operations while enabling secure connectivity. This role is accountable for secure policy enforcement, continuous optimisation and recertification of firewall rules, incident response, security hygiene (patching/backups), and compliance reporting, operating in alignment with security standards and governance processes. What You'll Do Own and operate NGFW services including next‑generation layer‑7 firewalling, ensuring secure and resilient perimeter protection. Configure, manage, and tune network intrusion detection/prevention (IPS/IDS) controls, including rules configuration aligned to business requirements and security recommendations. Manage VPN services (remote access and site‑to‑site), supporting secure connectivity and troubleshooting across the firewall estate Implement and maintain application control (application‑aware policy enforcement) to reduce risk and improve security posture. Implement and maintain web filtering with directory integration, enforcing organisational internet access policies and updating content filtering as OEM updates are released. Operate and maintain anti‑virus / malware protection services on the NGFW platform to protect against malicious websites, exploits, and malware. Perform regular modelling, testing, execution, and tracking of firewall rule/policy changes based on business requirements, ensuring governance alignment Conduct monitoring and audit of firewall configurations against agreed standards and approved changes, ensuring configuration integrity and compliance. Drive optimisation and periodic recertification of rules and policies, ensuring they remain effective, minimal, and aligned to good practice principles. Implement and manage internal network segmentation controls to support secure zoning and reduce lateral movement risk. Handle and resolve incidents, alerts, exceptions, and exposures associated with firewall and perimeter security controls, including root cause analysis and remediation guidance. Ensure NGFW platform hygiene, including patching in line with OEM recommendations and maintaining secure operational posture. Perform configuration backups and store them according to best practice, supporting recoverability and operational continuity. Provide actionable operational security communications by notifying stakeholders of major security/health issues with context and remediation recommendations. Maintain and support centralised logging and reporting integrations for analysis and operational visibility (e.g.,external logging to an analyser platform) where implemented. Produce security and compliance reporting on incidents raised and compliance status, aligned to reporting requirements and frequency. Assist with defining and maintaining vulnerability scan policy and related firewall security inputs What You Bring 5–10 years' experience in enterprise firewall / network security operations Proven hands‑on experience with Fortinet FortiGate NGFW operations (policy, IPS, VPN, web filtering, application control, AV/UTM services) Experience with similar enterprise firewall technologies (advantageous) and operating in change‑controlled environments. Qualifications & Certifications Relevant IT qualification (Diploma/Degree preferred). Fortinet NSE / Fortinet Professional certifications (strongly preferred), e.g. NSE 4 / FCP Network Security (core operations), NSE 5 (analysis/management) NSE 7 (advanced troubleshooting/enterprise design & operations) Key attributes and competencies Strong hands‑on expertise operating NGFW security controls (Layer 7 firewalling, IPS/IDS, VPN, application control, web filtering, malware protections). Strong policy governance capability: change modelling/testing, configuration audit, and periodic policy optimisation/recertification. Incident leadership: ability to handle and resolve alerts, exceptions, and exposures with structured RCA andpragmatic remediation. Ability to balance security and availability, ensuring secure enablement of business connectivity while maintainingcontrols Key performance measurables Security effectiveness of NGFW services: efficacy of Layer 7 controls, IPS/IDS posture, web filtering, application control, and malware protections. Policy quality and governance: change success rate, configuration audit adherence, and regular optimisation/recertification of rules. Incident handling and remediation: response quality to alerts, exceptions, and exposures; reduction in repeat issues through RCA Operational hygiene: timely patching, configuration backups, and health/security communications with actionable remediation guidance. Reporting compliance: delivery of required compliance and incident reporting to agreed frequency and standards. Client Information A leading organisation with a strong focus on secure digital operations, investing in advanced infrastructure and skilled professionals to support its evolving technology landscape. #J-18808-Ljbffr