Senior Specialist - Network & Security

Lulu Group

Role & responsibilities

The role is established to ensure a secure, reliable, and high-performance IT infrastructure across the organizations network and advanced security operations. The position ensures configuration and maintenance of critical network assets including DC switching, DC firewalls, DC network & security servers, load balancers, WAF, SSL VPN, cloud network & security, SASE, API management. Participation in DR drill, POC, Execution of new solutions also configuration of branch network assets, and ensuring operational efficiency through helpdesk-based workflows is also a responsibility of this position.

Job Responsibilities

1.Network Infrastructure Management

Design, implement, and maintain LAN/WAN connectivity across corporate and branch locations. Manage MPLS, SD-WAN, VPN tunnels, and internet failover strategies.

2.Security Architecture & Zero Trust Enforcement

Manage and administer next-generation firewalls, including FortiGate and Forcepoint NGFWs, ensuring optimal performance and high availability. Design, implement, and maintain Fortinet SASE solutions, enforcing Zero Trust Network Access (ZTNA) policies to secure remote user traffic with granular control. Act as the primary technical owner for all firewall and security policy changes.

3. Data Center Microsegmentation & ACI Management

Oversee the security posture of the data center network, specifically managing and maintaining the Cisco ACI environment. Define, audit, and enforce ACI Contracts to ensure strict microsegmentation and control East-West communication between application segments, adhering to the Principle of Least Privilege.

4.Advanced Network Optimization & SD-WAN

Lead the configuration and optimization of FortiGate SD-WAN features to intelligently steer traffic based on link performance, quality metrics (jitter, latency, loss), and application requirements. Manage and troubleshoot complex routing protocols (OSPF, EIGRP) and Layer 2 infrastructure (MST, VLANs, STP) across core and distribution layers.

5.L3 Incident Response & Fault Management

Serve as the L3 escalation point for all critical security and network faults, including complex VPN failures (IPsec/SSL), policy conflicts, and performance degradations. Utilize monitoring and SIEM tools (FortiAnalyzer, FortiMonitor) for rapid root-cause analysis and timely resolution to meet stringent MTTR SLAs.

6.Multi-Vendor Configuration & Governance

Ensure configuration consistency across the multi-vendor environment, utilizing central management platforms like FortiManager and Aruba Central for seamless policy deployment across firewalls, FortiSwitches, and Aruba Switches/APs. Maintain and audit all access lists and security policies to comply with internal and external regulatory standards.

7.Projects & Security Tool Deployment

Lead technical infrastructure projects related to network security, including firewall migrations, major OS upgrades, and the deployment of new security tools (e.g., EDR/SOAR integrations). Coordinate cross-functional teams and external vendors to ensure project delivery meets security, budget, and timeline objectives.

8. Proactive Risk Mitigation & Vulnerability Management

Perform regular security audits and vulnerability assessments on network and security devices. Implement configuration hardening guides and lead the timely patching/remediation of critical vulnerabilities to reduce the overall network attack surface.

9. Documentation & Operational Excellence

Create and maintain high-quality documentation for security architectures, L3 troubleshooting guides, standard operating procedures (SOPs), and incident response playbooks. Drive operational excellence by tracking key performance indicators (KPIs) and recommending process improvements.

10. Disaster Recovery & Business Continuity

Develop and test DR strategies for network infrastructure to meet defined RTO/RPO objectives.

11. Compliance & Security Audits

Ensure adherence to ISO 27001, PCI-DSS, and internal security policies. Support vulnerability assessments and penetration testing remediation.

12.Load Balancer & WAF Administration

Configure and maintain load balancers (Array,F5, Citrix) and WAF solutions for application security and performance optimization.

13. Projects

Execute network upgrade projects, new site connectivity, and security tool deployments.

Key Competencies and Skills

• Strong technical knowledge of datacentre network and security components
• Ability to manage firewall, WAF, SSL VPN, and cloud security
• Experience in patching and vulnerability remediation
• Strong Incident response and troubleshooting skills
• Documentation and compliance support
• Team collaboration and process adherence
• Strong analytical, troubleshooting, and communication skills

Performance Metrics / KPIs

• Asset Uptime
• Incident Resolution
• Patch Compliance
• Change Management
• Policy Accuracy and Incident free operations
• Documentation