Network Security Engineer - Firewalls, DNS Security, IPS (REMOTE)
Ferguson · United States
This listing has closed — view similar roles below.
- Hybrid
- Full-time
- $114,000 / year
- United States
Job highlights
- Operate global network security platforms.
- Resolve complex network security issues.
- Partner with teams for secure designs.
- Administer firewalls and DNS security.
- Support M&A security integration.
About the role
About Ferguson
Since 1953, Ferguson has been a source of quality supplies for a variety of industries. Together We Build Better infrastructure, better homes and better businesses. We exist to make our customers’ complex projects simple, successful, and sustainable. We proactively solve problems, adapt and grow to continuously serve our customers, communities and each other. Ferguson, a Fortune 500 company, is proud to provide best-in-class products, service and capabilities across the following industries: Commercial/Mechanical, Facilities Supply, Fire and Fabrication, HVAC, Industrial, Residential Trade, Residential Building and Remodel, Waterworks and Residential Digital Commerce. Ferguson has approximately 36,000 associates across 1,700 locations. Ferguson is a community of proud associates who operate with the shared purpose of building something meaningful. You will build a career that you are proud of, at a company you can believe in.Job Overview
The Network Security Engineer – Firewalls, DNS Security, IPS role is a key part of our Network Security Team, focused on making sure only trusted users and traffic can access our enterprise networks. In this hands‑on technical role, you’ll help operate and improve the security platforms that protect our global environment - including firewalls, intrusion prevention, DNS security, wireless security, and DDoS protection. You’ll work across all operating companies to solve complex issues, strengthen our security posture, and enhance the reliability and performance of our network services. This role is ideal for someone who enjoys tackling undefined problems, improving processes, and partnering with teams to drive secure‑by‑design outcomes.Areas of Impact
Establishes service-oriented relationship patterns, for service delivery across all operating companies.Responsibilities
- Operation and administration of global Network Security platforms supporting enterprise and data center environments.
- Act as a technical authority and support point for complex network security issues involving customer concerns impacting enterprise, data center, and hybrid environments.
- Drive secure‑by‑design outcomes by partnering with Architecture, Infrastructure, SOC/NOC, and Application teams to influence designs, standards, and implementation approaches.
- Ensure network security services are reliable, scalable, well‑documented, and aligned with business and risk objectives.
- Contribute to the evolution of network security capabilities through technology evaluation, service enhancement, and process optimization.
- Engineer, administer, and optimize next‑generation firewall environments, including security policy management, network segmentation, intrusion prevention, and SSL/TLS decryption.
- Administer and enhance DNS security services, including policy design, threat protection, and reporting.
- Lead or support the deployment and operation of SD‑WAN security controls, wireless intrusion prevention, and DDoS protection platforms.
- Develop and execute security test plans based on architectural designs; identify deficiencies and implement improvements while minimizing production impact.
- Serve as a subject‑matter expert for firewall, DNS security, SD‑WAN, and related network security technologies.
- Respond to security incidents, service requests, and escalations, ensuring resolution within defined service levels.
- Create and maintain runbooks, operational documentation, and workflows to improve consistency, reliability, and operational maturity.
- Support mergers and acquisitions through network security assessments, discovery activities, remediation planning, and secure integration design.
- Advocate for new or enhanced network security services and contribute technical requirements to technology selection and evaluation processes.
- Drive operational efficiencies and automation that enable the team to focus on higher‑value engineering work.
- Deliver assigned initiatives on time and in alignment with service level expectations.
- Adhere to all applicable policies, standards, and procedures, and perform other duties as assigned by management.
Qualifications and Requirements
- Bachelor’s degree in computer science, Information Security, MIS, or a related field, or equivalent practical experience.
- 4 - 7 years of hands‑on experience in network security engineering within large enterprise environments.
- Demonstrable experience managing and operating large‑scale next‑generation firewall policies for complex enterprises; experience with Palo Alto Networks Panorama and/or Versa Director preferred (other NGFW platforms considered).
- Strong practical experience with DNS security (Cisco & Palo Alto Networks), DDoS protection (Akamai Prolexic), wireless security (Cisco Meraki), VPNs, and SD‑WAN technologies.
- Deep understanding of network and web protocols, routing (e.g., BGP), firewall architectures, intrusion prevention, and network segmentation.
- Experience supporting enterprise security assessments, remediation efforts, and modernization initiatives.
- Strong analytical and troubleshooting skills, with the ability to resolve sophisticated, ambiguous problems.
- Excellent written and verbal communication skills, including the ability to explain technical concepts to non‑technical audiences.
- Demonstrated ability to work independently, take initiative, and provide technical leadership through mentoring, documentation, and fostering collaboration.
- Certifications are not required but are valued (e.g., CCNA, SSCP, CISSP).
- Working understanding of the SDLC and QA lifecycle, and how network security integrates into modern delivery practices.
- Demonstrated integrity, curiosity, adaptability, and a strong customer‑focused approach.
Benefits and Perks
At Ferguson, we care for each other. We value our well-being just as much as our hard work. We are committed to a holistic approach towards benefits plans and programs that support the mental, physical and financial well-being of our associates. Our competitive offering not only includes benefits like health, dental, vision, paid time off, life insurance and a 401(k) with a company match, but our associates also enjoy additional meaningful and inclusive enhancements that are adaptable to their diverse situations and needs, including mental health coverage, gender affirming and family building benefits, paid parental leave, associate discounts, community involvement opportunities and more!Key skills/competency
- Network Security Engineer
- Firewalls
- DNS Security
- Intrusion Prevention Systems (IPS)
- Palo Alto Networks
- Cisco Security
- SD-WAN
- DDoS Protection
- Network Protocols
- Security Policy Management
Skills & topics
- Network Security Engineer
- Firewall Management
- DNS Security
- Intrusion Prevention
- Cybersecurity
- Network Administration
- Palo Alto Networks
- Cisco Security
- SD-WAN
- Remote Work
How to get hired
- Tailor your resume: Highlight experience with firewalls, DNS security, and IPS, aligning with Ferguson's requirements.
- Craft a compelling cover letter: Emphasize your problem-solving skills and collaborative approach in your application for the Network Security Engineer role.
- Prepare for technical questions: Be ready to discuss your experience with Palo Alto Networks, Cisco security, and SD-WAN technologies during interviews.
- Showcase leadership: Demonstrate your ability to work independently and provide technical leadership in your application and interviews.
- Research Ferguson's values: Understand their commitment to 'building something meaningful' and how your contributions align.
Technical preparation
Master firewall policy management.,Practice DNS security configurations.,Study intrusion prevention system operations.,Review SD-WAN security features.
Behavioral questions
Describe a complex security problem you solved.,How do you collaborate with other teams?,Explain a time you took initiative.,How do you explain technical issues clearly?
Frequently asked questions
- What are the key responsibilities of a Network Security Engineer at Ferguson?
- As a Network Security Engineer at Ferguson, you will be responsible for operating and administering global network security platforms, including firewalls, intrusion prevention, DNS security, and DDoS protection. You'll also partner with various teams to drive secure-by-design outcomes, resolve complex network security issues, and support mergers and acquisitions.
- What specific security technologies are most important for this Network Security Engineer role?
- The role emphasizes hands-on experience with next-generation firewalls (Palo Alto Networks, Versa preferred), DNS security (Cisco, Palo Alto Networks), intrusion prevention, DDoS protection (Akamai Prolexic), wireless security (Cisco Meraki), VPNs, and SD-WAN technologies.
- Is this Network Security Engineer position remote or on-site?
- This Network Security Engineer position is approved to be fully remote and can be based anywhere in the United States.
- What qualifications are required for the Network Security Engineer position at Ferguson?
- A Bachelor's degree in a related field or equivalent practical experience is required, along with 4-7 years of network security engineering experience in large enterprises. Demonstrable experience with firewalls, DNS security, and a deep understanding of network protocols are essential.
- Does Ferguson require specific certifications for the Network Security Engineer role?
- Certifications are not strictly required for the Network Security Engineer role at Ferguson, but they are valued. Relevant certifications like CCNA, SSCP, or CISSP can strengthen your application.
- How does Ferguson support the well-being of its associates in this Network Security Engineer role?
- Ferguson offers a holistic approach to benefits, including health, dental, vision, paid time off, life insurance, and a 401(k) with a company match. They also provide mental health coverage, gender-affirming and family-building benefits, and paid parental leave.
- What is the typical career growth for a Network Security Engineer at Ferguson?
- While specific paths vary, Ferguson emphasizes building a career you are proud of. As a Network Security Engineer, opportunities for growth may involve advancing technical expertise, taking on more complex projects, or potentially moving into leadership roles within the network security domain.