FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.
Tech Stack
Tools & technologiesFirewallsOpen SourceSplunk
About the role
Key responsibilities & impact- Configuration of Firewalls and IPS/IDS: Install and manage Next-Generation Firewalls (NGFW) as well as Intrusion Prevention and Detection Systems to block malicious traffic.
- Network Segmentation: Divide the corporate network into independent subnets (VLANs) to ensure that, if one segment is compromised, an attacker cannot easily access critical areas (lateral movement).
- VPN and Remote Access Implementation: Configure secure encrypted connections (IPsec/SSL VPN) for remote employees or branch interconnections.
- Access Control (AAA): Define strict Authentication, Authorization, and Accounting policies (using protocols such as TACACS+, RADIUS, or Zero Trust–based architectures).
- Monitoring and Threat Detection: Security is not static; it requires continuous surveillance to identify anomalies before they become major incidents.
- Log Analysis and SIEM: Centrally monitor security events generated by routers, switches, and servers using SIEM tools (such as Splunk, QRadar, or open-source solutions).
- Network Traffic Analysis: Use sniffers and protocol analyzers (such as Wireshark) to inspect suspicious packets, identify bottlenecks, or attempts to exfiltrate data.
- Vulnerability Management: Perform periodic network scans (using tools like Nessus or OpenVAS) to find open ports, outdated patches, or misconfigurations.
- Incident Response and Mitigation: Containment of attacks by acting quickly to isolate infected devices, block attacking IPs at the firewall, and mitigate denial-of-service (DDoS) attacks.
- Digital Forensic Analysis: Investigate the root cause of incidents (how the attacker got in, what was accessed, and the attacker’s pathway) to produce post-incident reports.
- Disaster Recovery Plans (DRP): Ensure network configuration backups are up to date and that redundancy of links and equipment exists so operations are not interrupted.
- Draft acceptable use policies for the network, enforce complex password policies, and define BYOD (Bring Your Own Device) rules.
- Ensure the network infrastructure complies with market standards and local/international regulations, such as LGPD (Brazilian General Data Protection Law), ISO 27001, or PCI-DSS (for the financial sector).
- Hardening Updates: Apply best-practice hardening guides to secure network assets (disable unnecessary services such as Telnet or plain HTTP, prioritizing SSHv2 and HTTPS).
Requirements
What you’ll need- Completed higher education (Bachelor's degree)
- Fortinet NSE certification (Levels 4 to 7) and CompTIA Security+
Benefits
Comp & perks- Flexible working arrangements to promote work-life balance.
- Professional development and continuous skills growth aligned with your interests.
- A collaborative, diverse, and innovative environment that encourages teamwork.
- SONDA Academy: a learning platform designed to maximize your professional development.
- Hybrid work.
- SONDA Wellness: a program that supports your work-life balance by promoting a range of initiatives focused on your physical, mental, and social well-being.
ATS Keywords
✓ Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
Firewall configurationIntrusion Prevention SystemsIntrusion Detection SystemsNetwork SegmentationVPN configurationAccess ControlLog AnalysisVulnerability ManagementIncident ResponseDigital Forensic Analysis
Certifications
Bachelor's degreeFortinet NSE certificationCompTIA Security+