Security Engineer, SSE/SASE

About

This position leads the design, implementation, and optimization of the organization’s Security Service Edge (SSE) and Secure Access Service Edge (SASE) platforms, with a primary focus on Netskope. The engineer drives Zero Trust adoption, modernizes secure access for a hybrid workforce, and partners with security, networking, and cloud teams to deliver a unified security architecture.

Job Responsibilities

• Architect and deploy Netskope SSE solutions including CASB, SWG, ZTNA, DLP, DSPM, Cloud Firewall, and Private Access.
• Lead enterprise-wide SASE design efforts integrating identity, networking, and cloud security controls.
• Develop and maintain Zero Trust access patterns for users, devices, and applications.
• Engineer secure access pathways and support migration from legacy VPN to ZTNA.
• Optimize traffic steering, client deployment, and policy routing across global environments.
• Build and tune DLP, threat protection, and access control policies.
• Integrate Netskope with identity providers (Azure AD, Okta), SIEM platforms, and endpoint security tools.
• Troubleshoot complex SSE/SASE issues and drive continuous performance improvements.
• Create operational runbooks, automation scripts, and monitoring dashboards.
• Serve as the subject‑matter expert for SSE/SASE and mentor junior engineers.

Job Requirements

• 5–8+ years in security engineering, network engineering, or cloud security.
• 3+ years hands‑on experience with Netskope SSE (CASB, SWG, ZTNA, DLP, DSPM, Client Steering, Private Access).
• Strong understanding of SASE architectures, Zero Trust principles, and identity‑centric security.
• Proficiency with identity platforms (Azure AD, Okta), network protocols (DNS, TLS, HTTP/HTTPS, IPsec, GRE), and cloud platforms (AWS, Azure, GCP).
• Experience with SIEM tools such as Splunk, Sentinel, or QRadar.
• Familiarity with automation using Python, PowerShell, or Terraform.
• Strong communication skills and the ability to lead cross‑functional technical initiatives.

Preferred Qualifications

• Netskope certifications (NCSA, NCI, NPA).
• Experience with SD‑WAN technologies (Netskope, VeloCloud, & Fortinet).
• Background in DLP program development or data classification.
• Knowledge of Zero Trust frameworks such as NIST 800‑207.
• Experience supporting large, distributed enterprise environments.

Education

• Bachelor’s Degree or at least 12 years’ experience in related field

Job Types

• Full-time, Permanent

Education

• Bachelor's (Preferred)

Experience

• Netskope SSE and Netskope SD-WAN: 3 years (Required)

Work Location

• Remote