Network Security Engineer

Summary

Join Kyivstar Tech as a Network Security Engineer and operate, administer, and evolve the company’s network security infrastructure. Automate routine firewall operations, investigate network security incidents, and collaborate with IT and security teams. You will document configurations and workflows and possess experience with Cisco ASA, Cisco Firepower, and Fortinet security solutions. A deep understanding of network protocols and troubleshooting skills is crucial. Kyivstar offers remote work options, performance bonuses, training opportunities, health and life insurance, a wellbeing program, and mobile communication reimbursement.

Requirements

• Experience with Cisco ASA and Cisco Firepower Threat Defense (FTD) firewalls
• Managing and configuring security policies using Cisco Firepower Management Center (FMC)
• Experience administering and configuring Fortinet (FortiGate) security solutions
• Strong knowledge of VPN technologies (IPSec, SSL VPN), NAT, ACLs, routing, and IPS/IDS on Cisco and Fortinet platforms
• Deep understanding of network protocols and services: TCP/IP, UDP, DNS, DHCP, VLANs, STP, ARP, OSPF, BGP
• Excellent troubleshooting skills for network connectivity and security incident investigation
• Experience with traffic monitoring, packet capture (e.g., tcpdump, Wireshark), and log management tools
• Experience with cloud technologies, Azure, AWS
• Ability to maintain accurate technical documentation, including network diagrams and configuration records
• English proficiency is sufficient for technical documentation and communication with vendors/support
• Proficiency in Python for automation of security operations
• Scripting policy deployments, configuration validation, auditing, and integrations
• Working with REST APIs, JSON/XML, and CLI tools

Responsibilities

• Operate, administer, and evolve the company’s network security infrastructure
• Automate routine firewall operations and policy management using Python and APIs
• Investigate network and security incidents; perform traffic analysis and root cause identification
• Collaborate with IT, DevOps, and Security teams to implement secure network designs
• Document configurations, topologies, and workflows for internal and audit use

Preferred Qualifications

• Exposure to Palo Alto, Check Point, or other NGFW platforms
• Knowledge of Zero Trust architecture, NAC, and microsegmentation
• Experience with log aggregation and SIEM tools (e.g., ELK, Splunk)

Benefits

• Office or remote – it’s up to you. You can work from anywhere, and we will arrange your workplace
• Remote onboarding
• Performance bonuses for everyone (annual or quarterly — depends on the role)
• We train employees with the opportunity to learn through the company’s library, internal resources, and programs from partners
• Health and life insurance
• Wellbeing program and corporate psychologist
• Reimbursement of expenses for Kyivstar mobile communication