Lead

Petrofac


Date: 2 weeks ago
City: Sharjah
Contract type: Full time

ROLE PURPOSE

Own the design and engineering of preventative security controls across network infrastructure, perimeter security, segmentation, and enterprise connectivity.
Act as the technical authority for secure-by-design network and infrastructure security architectures with strong focus on resilience, segmentation, standardisation, and automation.

PRIMARY ACCOUNTABILITY OVER

  • Network Security & Infrastructure Protection
  • Firewalls, IDS/IPS, Load Balancers, and Secure Connectivity
  • Security Design for LAN / WAN / SD-WAN / Data Centre / Remote Access

KEY RESPONSIBILITIES

1. Security Architecture & Engineering

  • Define network security architecture standards, principles, and reference patterns.
  • Lead security design reviews for network, connectivity, and infrastructure changes.
  • Produce reusable blueprints, standards, and engineering guardrails.
  • Provide technical assurance and risk recommendations for network and infrastructure designs.

2. Network Segmentation, Access Control & Infrastructure Protection

  • Architect secure segmentation models across enterprise, data centre, and remote sites.
  • Design and govern VLAN strategy, east-west and north-south traffic controls, and network access boundaries.
  • Implement and enhance NAC, network zoning, and policy enforcement controls.
  • Define secure standards for routers, switches, firewalls, and core network services.
  • Establish secure connectivity patterns for internal, external, partner, and remote access use cases.

3. Firewall, Perimeter & Traffic Security Engineering

  • Design and maintain firewall policy standards, rule lifecycle governance, and review processes.
  • Engineer preventative controls across next-generation firewalls, IDS/IPS, proxy, and secure web gateways.
  • Define ingress, egress, and inter-network filtering standards.
  • Implement threat prevention, traffic inspection, and secure remote access controls.
  • Drive continuous improvement in rule hygiene, policy optimisation, and attack surface reduction.

4. Load Balancing, Application Delivery & Secure Network Services

  • Define secure load balancer and application delivery controller standards.
  • Implement resilient and secure patterns for internal and external application publishing.
  • Engineer controls for TLS inspection, certificate handling, and secure service exposure.
  • Provide secure design patterns for high-availability network services and traffic distribution.

5. WAN / LAN / SD-WAN Security & Connectivity Governance

  • Define secure design standards for WAN, LAN, internet breakout, and SD-WAN environments.
  • Architect resilient branch and campus security patterns aligned to business and operational needs.
  • Implement segmentation, encrypted transport, routing security, and policy enforcement across hybrid connectivity.
  • Establish standards for site-to-site, third-party, and remote-user connectivity.

6. Security Monitoring, Detection & Infrastructure Telemetry

  • Define infrastructure security logging and telemetry requirements across network platforms.
  • Integrate firewalls, IDS/IPS, load balancers, and network devices with SIEM / SOC processes.
  • Improve visibility of network flows, anomalous traffic, and control effectiveness.
  • Support detection engineering through enriched network security telemetry and event quality improvements.

7. Security Automation & Operational Improvement

  • Automate network security configuration validation, compliance checks, and control assurance.
  • Define repeatable engineering processes for rule reviews, device hardening, and segmentation governance.
  • Implement infrastructure-as-code or policy-driven approaches where applicable.
  • Build reusable standards and automation for secure network onboarding and change delivery.

8. Partner Oversight & Delivery Governance

  • Provide engineering oversight to third parties delivering network and security infrastructure services.
  • Define technical requirements, review solution quality, and validate secure delivery outcomes.

EXPERIENCE REQUIREMENTS

Essential:

  • 8–12+ years in network security engineering / infrastructure security architecture.
  • Strong expertise in firewalls, IDS/IPS, segmentation, and enterprise network security.
  • Hands-on experience with routers, switches, load balancers, and secure connectivity platforms.
  • Strong understanding of LAN / WAN / SD-WAN, remote access, and hybrid network environments.
  • Experience delivering preventative controls, network hardening, and secure infrastructure design.

Desirable:

  • Palo Alto / Fortinet / Check Point / Cisco / F5 certifications or equivalent experience.
  • Experience with NAC, ZTNA, SASE / SSE, and network access control technologies.
  • Familiarity with network automation, infrastructure-as-code, or configuration compliance tooling.
  • TOGAF or architecture training.

CORE SKILLS

  • Network security architecture and design assurance
  • Firewalls, IDS/IPS, and perimeter security engineering
  • Segmentation, VLAN, zoning, and access control
  • Routers, switches, load balancers, and traffic security
  • WAN / LAN / SD-WAN security governance
  • Security monitoring, telemetry, and infrastructure automation

SUCCESS MEASURES

  • Reduction in network exposure and attack surface
  • Improved segmentation and access control maturity
  • Firewall and rule base optimisation
  • Secure onboarding of sites, services, and connectivity changes
  • Increased visibility and assurance across network security controls

POSITIONING SUMMARY

Network-focused, prevention-led security engineering centred on secure connectivity, resilient infrastructure, segmentation, and scalable guardrails.

#LI-HS1

Additional Information

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.

Post a resume

Similar jobs

Audit Manager

Petrofac, Sharjah
2 days ago
Purpose: The Internal Audit Manager is responsible for leading a portfolio of risk-based audits and supporting the delivery of the annual audit plan. The role provides independent assurance over governance, risk management, and internal controls, requiring strong leadership, stakeholder engagement, and a data-driven approach to audit delivery. Key Accountabilities 1.1. Lead and deliver a portfolio of risk-based audits (typically 6–10...

QHSE Supervisor

Mezzan Foods, Sharjah
6 days ago
Job CategoryFMCG (food)Job DescriptionJob PurposeLead and supervise Quality, Health, Safety, Environment & Food Safety systems in snacks manufacturing.Ensure compliance with ISO standards, HACCP, GMP, and UAE regulations.Drive safety culture, audits, risk management, and continuous improvement.Core ResponsibilitiesOversee daily QHSE operations across production, warehouse, and support areas.Conduct audits, inspections, risk assessments, and food safety checks.Lead incident, accident, and complaint investigations.Ensure corrective &...

Engineer / Senior Engineer – AV/ICT (Based in Amman, Jordan)

WSP in the Middle East, Sharjah
1 week ago
Job DescriptionWSP in the Middle East is seeking an Engineer / Senior Engineer – AV/ICT ( based in Jordan) to deliver innovative audiovisual and ICT solutions. This role plays a key part in shaping complex building and infrastructure projects across the region through cutting-edge technology.The successful candidate will be based in Jordan, with the role providing remote support across GCC...