Office based in our Sophia Antipolis (Valbonne, France) office 4 days per week or Kelsterbach (Frankfurt- Germany)
Senior Network Security Engineer
About the Role
We're seeking an experienced network security engineer to build, operate, and scale our SASE architecture, encompassing both logical and physical infrastructure managed through Infrastructure as Code leveraging both Fortinet products and Linux (OpenStack) systems. You'll work across network architecture, security operations, and automation-designing solutions, driving incident resolution, and implementing systemic improvements to prevent recurrence.
This role includes participation in a 24x7 NOC on-call rotation and requires some staffed weekend coverage.
What You'll Do
1. Maintain network architectures across datacenter environments (logical & physical)
2. Build and optimize network monitoring and observability systems
3. Develop automation to detect, mitigate, and remediate network events and solve problems
4. Perform root cause analysis and drive issues to resolution
5. Maintain documentation and operational consistency across the infrastructure
6. Contribute to technical discussions and long-range capacity planning
7. Provide support to internal teams as a top-tier escalation point for all production issues
What You Bring
Networking (8+ years)
8. Expert-level hands-on experience with L2 switching, IP routing, and protocols (BGP, OSPF, MPLS, VRRP, STP, GRE, IPsec, SNMP)
9. Large-scale BGP experience: public ASNs, peering, route arbitration, IRRs
Network Security (8+ years)
10. Access control, threat management (vulnerabilities, malware, APTs, botnets)
11. SSL inspection, content categorization, security/risk frameworks
12. Fortinet product experience strongly preferred
Linux & Infrastructure (5+ years)
13. Administration of RHEL/CentOS, Ubuntu
14. Web servers, SQL databases, LDAP, etc.
15. OpenStack experience a plus (RHOSP/RHOSO preferred)
General
16. Strong troubleshooting instincts and documentation habits
17. Comfortable working independently in a ticket queue environment
18. Clear communicator who can context-switch between deep technical work and stakeholder updates
Nice to Have
19. Cloud experience (AWS, GCP, Azure)
20. Infrastructure-as-code tools (Terraform, Ansible)
21. Load balancing and DDoS mitigation at scale
22. Certifications: NSE7/8, CCIE R&S, RHCSA/RHCE
Fluency in English essential + business level of local language highly desirable
#LI-NC1