Network Security Ops Engineer

Overview

Reporting to the Director of Network Services, the Network Security Operations Engineer (NSOE) is a vital hybrid role that combines advanced technical skills with operational management to safeguard the university’s on-premises and cloud (Azure) network infrastructure, fulfilling comprehensive network security visibility requirements at the campus Network and Security Operations Center (NSOC). As a key liaison between Network Services, Cloud Operations, and the Information Security Office (ISO), the NSOE oversees hybrid (on-prem / Azure) network security operations, improves workflows, and manages the entire lifecycle of security incidents, service requests, and NSOC tasks—ensuring alignment with zero-trust principles and cybersecurity best practices. The NSOE proactively monitors, investigates, and responds to threats using Azure-native and integrated security tools, including SIEM (Sentinel), CASB, SolarWinds Observability Platform, Azure Firewall, Network Security Groups for micro-segmentation, VPN gateways, GlobalProtect, Infoblox, and Aruba NetEdit. The role also involves optimizing configurations for firewalls, edge switches, DMZs, and secure network segmentation. Beyond technical tasks, the NSOE plays a managerial role by aligning network security with the NSOC, refining incident response protocols, and fostering collaboration between network and security teams.

Responsibilities

• Serve as the primary network security incident coordinator at the Network and Security Operations Center (NSOC), overseeing security, event monitoring, investigation, and response in alignment with enterprise incident response protocols.
• Design and refine detection rules, alerts, and signatures based on threat intelligence, behavioral analytics (AI / ML), and attack trends.
• Conduct proactive threat hunting using SIEM analytics, endpoint telemetry (EDR / XDR), and network forensics (e.g., PCAP analysis) to identify advanced threats and stealthy attack patterns.
• Monitor and secure cloud / hybrid environments (e.g., Azure NSGs, SaaS applications) to ensure consistent visibility and policy enforcement across on-premises and cloud assets.
• Implement and enforce Zero Trust Network Access (ZTNA) policies, including micro-segmentation, identity-aware proxies, and device posture checks (e.g., via Aruba ClearPass).
• Perform malware traffic analysis using sandboxing tools (e.g., Cuckoo, VirusTotal) and correlate findings with network IDS / IPS alerts.
• Act as a liaison between Network Services, ISO, and Desktop Support to ensure security compliance across IT environments.
• Develop and report KPIs to measure security control effectiveness.
• Proactively monitor, analyze, and respond to threats using various tools, including SIEM (Microsoft Sentinel), SolarWinds, Infoblox, Aruba NetEdit, and other security tools, to ensure the rapid containment of breaches and vulnerabilities.
• Create, update, and maintain detailed internal network topology diagrams to ensure precise documentation and accurate planning.
• Proactively secure and maintain all network infrastructure devices (routers, switches, firewalls, wireless controllers) through systematic hardening of configurations, timely patching of vulnerabilities, and continuous monitoring of access controls.
• Conduct regular vulnerability assessments of network infrastructure using automated scanning tools and manual verification techniques to identify and remediate security gaps in compliance with the CIS framework control 12.
• Develop, maintain, and version-control comprehensive network architecture diagrams (including logical / physical topologies, data flows, and security zones) using industry-standard tools (e.g., Visio).
• Collaborate with network engineering and security teams to validate diagrams against real-time configurations, ensuring alignment with actual deployments and minimizing discrepancies.
• Document and audit network configurations, capturing IP / MAC addresses, VLAN assignments, and ARP tables.
• Align documentation with NIST SP 800-53 (CM-2, CM-6) and CIS Controls for audit readiness and risk management.
• Support disaster recovery and business continuity planning by ensuring network documentation reflects failover paths, redundant systems, and critical dependencies.
• Integrate diagrams with Sentinel to support real-time impact analysis during incidents and facilitate cross- team validation sessions with Security, Networks, and Operations teams to ensure accuracy and compliance.
• Operate and optimize SIEM (e.g., Microsoft Sentinel) to centralize security event alerting (CIS Safeguard 13.1), correlating logs from network devices, endpoints, and cloud services. Tune alert thresholds (CIS Safeguard 13.11) to reduce false positives and prioritize critical threats.
• Deploy and manage network / host-based IDS / IPS solutions (CIS Safeguards 13.2, 13.3, 13.7, 13.8), including NIDS, EDR, and CSP-native tools (e.g., Azure Network Watcher), to detect and block malicious activity across enterprise assets.
• Enforce traffic filtering between network segments (CIS Safeguard 13.4) and port-level access controls (802.1X / Certificates) (CIS Safeguard 13.9). Implement application-layer filtering (CIS Safeguard 13.10) via proxies / firewalls to mitigate lateral threats.
• Govern remote access security (CIS Safeguard 13.5) through Zero Trust policies (e.g., conditional access, endpoint compliance). Collect and analyze network flow logs (CIS Safeguard 13.6) to identify anomalies and support forensic investigations.
• Develop and execute an audit framework to inventory all network assets, including switches, routers, wireless controllers, and security appliances, while capturing :

IP / MAC address bindings with device ownership details

Continuously monitor network state

Qualifications

SIEM, IDS / IPS, EDR / XDR, firewall platforms, behavioral analytics, and

Application Instructions

Please apply online with your resume, cover letter and list of three professional references.

Review of candidates will begin following the application closing date.

Only Internal candidates in the Professional Staff Bargaining Unit will be considered during the first 10 business days of the posting. All other candidates will be considered after that period.

Salary Ranges : Grade 35

This is an exempt union position. All official salary offers must be approved by Human Resources.

UMass Boston is committed to the full inclusion of all qualified individuals. As part of this commitment, we will ensure that persons with disabilities are provided reasonable accommodations for the hiring process. If reasonable accommodation is needed, please contact HRDirect@umb.edu or 617-287-5150.

Applications close : 11 Sep 2025 Eastern Daylight Time

#J-18808-Ljbffr