Network Security Engineer

Join a large-scale transformation program within the energy sector, focused on building a cloud-native internal developer platform (EDP). The platform enables software teams to efficiently develop, deploy, and operate applications through self-service capabilities across hybrid cloud environments (private and public cloud). You will be part of the Infrastructure & Security Engineering area, responsible for designing, implementing, and continuously improving secure, scalable infrastructure services. Project information: • Location: 50% onsite Frankfurt am Main, 50% remote • Type of employment: B2B contract • Project language: English Responsibilities: • Design and implement secure infrastructure solutions in line with architectural and operational requirements • Develop and execute detailed security deployment plans, including timelines, phases, and required resources • Configure and deploy security solutions, ensuring alignment with best practices and defined security standards • Build and maintain script-based and automated security implementations to improve efficiency and reduce manual errors • Create and maintain comprehensive technical documentation, including configurations, protocols, and decision rationale • Continuously update documentation to reflect system changes and improvements • Monitor and validate implementation processes to ensure effectiveness and alignment with organizational goals • Identify gaps, inefficiencies, and risks, and propose corrective and optimization actions • Collaborate with Architects, DevOps teams, and other stakeholders to ensure a security-by-design approach • Support auditability and compliance by maintaining clear documentation and process traceability Requirements: • Senior-level experience in Security Engineering and Delivery within enterprise and large-scale data center environments • Strong expertise in designing secure network architectures (LAN/WAN, Zero Trust, network segmentation/micro-segmentation) • Proven experience leading security assessments, projects, and policy development • Hands-on experience with network security technologies:• Firewalls (Palo Alto, Checkpoint, Fortinet, Cisco) • IDS/IPS, NAC, proxies, VPNs • Load balancers (F5, A10, Radware) • SD-WAN, DDoS protection, SASE • Network virtualization (VXLAN/EVPN, SDN, ACI, NSX) • Strong troubleshooting and network performance optimization skills • Solid knowledge of DNS architecture and experience with: • Infoblox or similar platforms • Linux-based DNS (e.g., BIND) • Enterprise/hybrid DNS management • Experience with automation (Ansible) and scripting (Python) • Familiarity with security and compliance standards (ISO 27001, NIST, GDPR, SOC2) • Experience working in cross-functional environments with multiple stakeholders • Fluent English (C1 or higher) We offer: • Private medical care with dental care (covering 70% of costs). Family package option possible • Multisport card (also for an accompanying person) • Life insurance • Work with talented engineers on large-scale, technically challenging projects