Senior Network Engineer- DDoS and automation

• Design, develop, test, and deploy complex edge and perimeter network-security infrastructure, including associated Infrastructure-as-Code.
• Provide expert input on network-security infrastructure patterns and standards, including the design and evolution of Layer-3/4 DDoS protection patterns, policy baselines and integration points across cloud and on-premises environments.

• Monitor DDoS protection posture and lead fortification and attack surface reduction efforts.
• Ensure alignment and synchronisation between cloud-based DDoS controls and on-premises protections.
• Oversee policy management, incident response and readiness, and proactive mitigation strategies.
• Lead the response to complex Level 3 network-security incidents, particularly across DDoS and perimeter domains (on-call support will be required).
• Maintain network-security patterns via Infrastructure-as-Code and automation, continuously improving existing delivery pipelines and procedures.

• DDoS Experience: Hands-on experience deploying, tuning and operating L3/L4 DDoS mitigation platforms (e.g. Akamai, Cloudflare, FortiDDoS, Radware, Arbor, Imperva, AWS etc), including policy management and operational response.
• Deep knowledge of TCP/IP, BGP, DNS, VPNs, firewalls and perimeter network architectures.
• Experience automating network-security infrastructure using tools such as Terraform, Git, Python or Ansible.
• Familiarity with software-defined networking overlays such as VXLAN EVPN or VMware NSX is a plus.
• Certifications: Relevant certifications such as CCNP, CCIE, JNCIP or Fortinet NSE.

Bluefin Resources