Network Security Engineer Resume Examples And Templates for Enterprise Protection Specialists

Christopher Bennett

Network Security Engineer

[email protected] | +1 (617) 555-3344 | Boston, Massachusetts, USA

Profile

Network Security Engineer with over 8 years of hands on experience designing, implementing, and maintaining secure network infrastructures in enterprise and hybrid cloud environments. Demonstrated expertise in firewall configuration, VPN deployment, intrusion detection and prevention systems, secure routing, and network segmentation. Skilled in vulnerability assessment, risk mitigation strategies, security architecture design, and compliance adherence to standards such as ISO 27001, NIST, PCI DSS, and HIPAA. Proven ability to detect, respond to, and remediate security incidents, reduce attack surface, and conduct security awareness training for IT teams and end users. Passionate about continuous improvement, automation, and threat intelligence integration into network operations.

Education

Bachelor of Science in Computer Networking and Security
Northeastern University, Boston, MA
Graduated: May 2014

Master of Science in Cybersecurity
Boston University, Boston, MA
Graduated: May 2016

Licenses & Certifications

• Cisco Certified Network Professional Security (CCNP Security)
• Certified Information Systems Security Professional (CISSP)
• Certified Ethical Hacker (CEH)
• GIAC Certified Intrusion Analyst (GCIA)
• Fortinet NSE 4 / Palo Alto Networks PCNSE
• CompTIA Security+ and Network+
• AWS Certified Security – Specialty

Work Experience

Senior Network Security Engineer
SecureNet Solutions, Boston, MA
June 2018 – Present

• Architected and managed multi layer network security solutions for a global enterprise network with over 5,000 endpoints across 20+ sites, including firewalls (Cisco ASA, Fortinet, Palo Alto), IDS/IPS (Snort, Suricata, Firepower), and VPN solutions (IPSec, SSL).
• Designed and implemented network segmentation strategy that reduced lateral attack possibilities by 60 percent, enhanced breach containment, and improved compliance with NIST and PCI DSS standards.
• Configured and maintained high availability firewall clusters and redundant VPN gateways, ensuring 99.99 percent network uptime and resilience against network failures.
• Conducted regular vulnerability assessments using Nessus and Qualys, remediated high and critical findings within SLA guidelines, and reported risk status to CISO monthly.
• Integrated enterprise threat intelligence feeds (STIX/TAXII) into SIEM and network devices to enable rapid detection and automated blocking of known malicious indicators.
• Developed network security playbooks and standard operating procedures, and delivered quarterly training sessions for IT and operations teams on secure network best practices.

Network Security Engineer
TechGuard Inc., Cambridge, MA
July 2016 – May 2018

• Implemented firewall and VPN solutions for on-premises and hybrid Azure/AWS environments, enabling secure remote access for remote workforce and site-to-site connectivity.
• Deployed intrusion prevention systems and hardened network infrastructure in support of PCI and HIPAA compliance initiatives.
• Monitored network traffic and logs using SIEM (Splunk) and IDS alerts, investigated anomalies, and collaborated with SOC teams to contain incidents.
• Performed forensic analysis on network events and logs, producing detailed incident reports to technical teams and senior management.
• Collaborated with network engineers, systems administrators, and DevOps to embed security controls into network design and infrastructure as code pipelines.

Skills

• Firewall management (Cisco ASA, Palo Alto, Fortinet)
• VPN technologies (IPSec, SSL VPN, site-to-site, remote access)
• Intrusion Detection/Prevention (Snort, Suricata, Firepower)
• Network segmentation and Zero Trust architecture
• SIEM integration and log analysis (Splunk, ELK)
• Vulnerability scanning and remediation (Nessus, Qualys)
• Network forensics and packet capture (Wireshark, tcpdump)
• Scripting and automation (Python, Bash, Ansible)
• Cloud network security (AWS VPCs, Azure NSGs, security groups)
• Compliance frameworks: ISO, NIST, PCI DSS, HIPAA
• Incident response and threat intelligence
• Documentation, technical writing, stakeholder collaboration

Achievements

• Reduced firewall rule base by 35 percent through consolidation and cleanup, improving manageability and network performance.
• Enabled automated network threat blocking using threat intelligence feeds, reducing alert handling time by 45 percent.
• Led network security audit that passed PCI and ISO validation with zero major findings.
• Developed a network micro-segmentation framework used organization-wide, reducing lateral movement risk.

Volunteer Experience

• Mentor – CyberPatriot youth cybersecurity competition (2019–Present)
• Volunteer Instructor – Local community college security course labs (2018–Present)

References

Available upon request.

Languages

• English – Native proficiency
• Spanish – Professional working proficiency
• German – Conversational competency

Hobbies

• Home lab networking using virtual environments to test IDS/IPS, firewall, segmentation designs.
• Participating in Capture the Flag cybersecurity competitions focused on network exploitation and defense.
• Writing technical blog posts about network architecture, security automation, and threat hunting.
• Volunteering at local meetups and workshops teaching secure networking fundamentals to students and IT professionals.

Courses

• Advanced Firewall and VPN Administration – SANS Institute
• Network Traffic Analysis and Forensics – GIAC GCIH Prep Course
• Cloud Network Security – AWS / Azure Security Labs
• Python for Network Engineers – Network to Code Academy

Internships

• Network Security Intern – Massachusetts General Hospital, Boston MA – Summer 2015
  • Assisted in configuring firewall policies and monitoring network logs for anomalous behavior.
  • Supported patching and updating of network devices, ensuring firmware compliance.
  • Learned basic incident response procedures and ticketing workflows involving SOC teams.
• Cybersecurity Intern – FinTech Startups Inc., Boston MA – Summer 2014
  • Conducted vulnerability scans on network infrastructure using Nessus.
  • Created weekly network health and risk reports for senior security staff.
  • Supported secure network configuration audits and documentation updates.

Extra Curricular

Active member of the Boston chapter of OWASP and ISACA, attending workshops and contributing to local security community events. Co-organizer of monthly network defense labs where participants simulate attacker behavior and test intrusion detection systems. Lead a volunteer network security awareness initiative for local nonprofits, advising on firewall hardening, VPN use, and log monitoring best practices. Regularly participate in national cybersecurity conferences and present on network-centric defense strategies and segmentation techniques.