Senior Network Security Engineer- Qatar

A leading company that specializes in providing technology solutions and services, particularly focusing on data management and software systems, is looking for a highly qualified  Senior Network Security Engineer to join their team in Qatar. The ideal candidate will have over 8+ years of hands-on experience in managing and securing complex network successful candidate will be responsible for designing, implementing, and maintaining robust network security solutions to protect our organization's critical assets. Key Responsibilities : Excellent understanding and proven experience in implementing the following devices : Network Security and Management :

• ASA 5500 Series with Single / Multiple Context based solutions.
• Cisco FTD 2100-X, 4100-X Series Firewalls.
• ASA 5500-X Series with FirePower Services.
• Cisco Identity Service Engine (ISE), Cisco Umbrella, Cisco AMP
• Palo Alto Next-Generation , Checkpoint and Fortinet Firewalls
• Cisco 3800, 4000, 6000, 9000 Series Switches for Core layer Routing
• Sophos XG Firewall and Sophos Wireless.
• Cyberoam, Sonicwall, Fortinet UTM Firewalls.
• Wired / Wireless authentication based on the standard Dot1x Suite : EAP-TLS, MS-CHAPv2, EAP, EAP-FAST.
• Cisco IPS – Inline / Promiscuous mode implementation with custom signatures.Confidentiality and Secure Wireless Access :
• Cisco Wireless LAN Controllers (WLC) integrated with ISE / WSA solution
• Cisco 1142 / 1252 Access Points.Excellent level of knowledge in Perimeter Security and Services, which includes :
• Intrusion Prevention and Content Security :
• IPS 4200 series, Palo Alto, Cyebroam, Sophos, Sonicwall and Watchguard UTMs
• IPSec VPN (Static and Dynamic)
• DMVPN on Cisco 3800 Series and Cisco 1800 (3G) series and ISR Series Routers.
• Flex VPN (Site-to-Site, Server-Client, Hub-Spoke), GETVPN.
• VRF, VPC, Ether-channeling on stacks of Cisco 3800, 4500, 6000, 9000 series switches.
• Solarwinds Kiwi Cat tools.Authentication Policies :
• AAA, based on TACACS+ / RADIUS, Network Policy server
• Cisco ACS , Cisco ISEExcellent ability in threat Identification and Mitigation techniques along with System hardening and Availability which include in-depth knowledge of the following protocols and suites :
• Routing Protocols : OSPF, RIP, EIGRP, BGP.
• Switching : STP, MSTP, RSTP, PVSTP, HSRP, VRRP, Redundancy, VTP, Trunk, Ether-Channel. Switch
• Security : Port Security, DHCP snooping, ARP Inspection, PVLANS.
• Design, deploy, and manage F5 LTM, GTM, and WAF solutions to ensure high availability and security of applications.
• Configure and manage Palo Alto and Fortigate firewalls to protect the network perimeter and internal segments.
• Implement and maintain DNS, DHCP, and IPAM solutions using Infoblox.
• Utilize Fore-scout for network access control and device visibility.
• Administer and configure Cisco ISE and Aruba ClearPass for secure network access and policy enforcement.
• Conduct regular security assessments, vulnerability scanning, and penetration testing to identify and mitigate risks.
• Develop and enforce security policies, procedures, and best practices.
• Monitor network traffic and security alerts, and respond to incidents promptly.