Network Engineer
Systems Limited
Description
Role Summary:
We are seeking a skilled L2 Network & Infra Security Engineer with strong expertise in Fortinet technologies. The candidate will be responsible for designing, delivering, supporting, troubleshooting, and managing a large enterprise network and security infrastructure
Skills and Expertise:
· Hands-on experience configuring, managing, and troubleshooting firewall policies on FortiGate, including NAT (SNAT/DNAT/VIP), security profiles (IPS, Antivirus, Web Filtering, Application Control), SSL inspection, and interface/zoning, with the ability to analyze and resolve real-world traffic flow issues.
· Strong working knowledge of L2/L3 networking, including VLANs, Trunking, STP, static routing, and routing protocols such as OSPF and BGP (neighbouring, route advertisement/learning), along with hands-on experience with FortiSwitch (or equivalent) for access layer deployment and troubleshooting.
· Strong Knowledge and hands-on expertise of BGP and OSPF routing, to design, implement, and support large enterprise networks.
· Strong Knowledge and hands-on expertise on WLAN networks – Design, Deliver, and Troubleshoot, based on vendors like Fortinet, Cisco, etc.
· Solid understanding of secure remote access technologies, including IPsec and SSL VPN.
· Strong Knowledge and hands-on expertise on SASE solutions – Design, Deliver, and Troubleshoot, specifically based on FortiSASE. Working knowledge of cloud-delivered security concepts such as SDWAN, Secure Web Gateway (SWG), CASB, SIA, SPA, and Zero Trust Network Access (ZTNA), with hands-on involvement in user onboarding, policy enforcement, and troubleshooting remote access issues.
· Strong expertise in identity and authentication solutions using Forti Authenticator, including MFA, SSO, RADIUS/TACACS+, and deep integration with Active Directory/LDAP for role-based access control across network and security platforms.
· Strong Knowledge and hands-on expertise of Network Access Control (NAC) solutions, based on FortiNAC, including user and device Authentication, Posturing and profiling, MAC-based authentication, endpoint visibility, and integration with switching and firewall infrastructure.
· Ability to analyze logs and generate reports using FortiAnalyzer (or similar tools), investigate security events, and identify traffic anomalies for operational troubleshooting.
· Experience in integrating on-premises networks with cloud platforms (Azure/AWS) using IPsec VPN, with understanding of VNet/VPC design, subnetting, routing behavior, and advance BGP based connectivity use cases for hybrid connectivity.
· Working knowledge of FortiManager for centralized configuration management.
· Strong troubleshooting skills with the ability to handle real-time incidents such as VPN failures, user access issues, and application connectivity problems, perform initial root cause analysis, and coordinate effectively with OEM TAC support.