Light Dark
March 16, 2023 By Sue Poremba 4 min read
Risk Management

Cybersecurity is complex. The digital transformation, remote work and the ever-evolving threat landscape require different tools and different skill sets. Systems must be in place to protect endpoints, identities and a borderless network perimeter. The job role responsible for handling this complex security infrastructure is the network security engineer.

In a nutshell, the network security engineer is the person who is responsible for the design and implementation of the organization’s security system, ensuring there are no gaps or vulnerabilities for threat actors to exploit. They aren’t just responsible for protecting the infrastructure from potential cyberattacks but also for safeguarding the network’s physical security from all types of intrusion or natural disasters. This is the position that creates and enforces an organization’s security policy. A network security engineer maintains the hardware and software that act as the first line of defense during an attack.

While the titles sound similar and people sometimes use them interchangeably, network security engineers are different from network security architects. The architects are usually higher level: They analyze and test a system and decide what tools are needed. However, the engineers are the ones who put it all together and keep it running properly. In smaller companies, the network security engineer may be asked to take on the tasks of an architect, but they are generally separate roles.

How in-demand is this particular role?

Because they handle the first lines of defense in a security system and are also responsible for disaster recovery, network security engineers are in high demand, even though the jobs themselves may not be found under this exact title. Every company needs someone with the training to do the basic maintenance and hardware configuration to harden the network perimeter. With remote and hybrid workforces, this role is also responsible for ensuring VPNs are working properly and outside connections to the corporate network are secure. It’s a necessary role in every industry vertical and almost any size business. A quick glance at job recruiting websites shows long lists of openings with tens of thousands still unfilled.

Were there any recent events in the last few years that made this role more in-demand?

The rise of remote work has given added importance to the role of a network security engineer. Also, data privacy compliance regulations have put a greater emphasis on overall cybersecurity. Although the network security engineer isn’t working directly with data, it is this job’s function to make sure outside threat actors aren’t able to gain access to the network.

One of the biggest and most difficult threats for security engineers is Distributed Denial of Service (DDoS) attacks. DDoS attacks are growing bigger and more powerful, threatening to take networks offline for longer periods of time. Cyber criminals have also instituted a new strategy: Using DDoS attacks while also launching a ransomware attack.

What are the basic qualifications needed?

Basic qualifications and skills needed for a job as a network security engineer include:

  • Thorough knowledge and proficiency in different programming languages
  • In-depth skills in cybersecurity functions such as ethical hacking and penetration testing
  • Expertise with computer systems, multiple operating systems, on-premise network and cloud architectures, with an ability to identify and fix vulnerabilities and security gaps
  • Familiarity with the threat landscape, compliance laws and government regulations surrounding cyber incidents
  • Soft skills like good communication, decision-making, attention to detail and the ability to work well under pressure.

What degree and/or certifications are required?

A network security engineer will have at least a bachelor’s degree in the field of computer science or computer engineering, or a cybersecurity or information systems/risk management background.

For those engineers at the beginning of their career, the CompTIA Security+ certification is recommended to prove knowledge of baseline skills. Other certifications highly recommended or required include Cisco Certified Network Professional (CCNP), Certified Network Defender (CND), Certified Information Systems Security Professional (CISSP) and GIAC Security Essentials (GSEC).

What are the primary responsibilities of this role?

The primary responsibilities of this role include:

  • Configuring and maintaining firewalls, VPNs, LANs, email and web protocols
  • Testing hardware and software for potential vulnerabilities
  • Monitoring, identifying and mitigating potential threats and intrusion management
  • Setting security policies and protocols
  • Staying on top of new technologies, laws and regulations and emerging threats
  • Ensuring the systems meet all regulatory compliance standards
  • Monitoring backup systems and disaster recovery systems
  • Overseeing identity and access management tools
  • Communicating with the cybersecurity team and leadership about security issues.

Who does this role typically report to?

The network security engineer falls under the auspice of the CISO/CSO/CIO, depending on the organization’s leadership structure. Their direct report, however, is most often a designated security manager, who has responsibility for security teams and provides oversight for projects.

What is a typical day like?

Being well-informed is an absolute must, and network security engineers can expect to start their work day by monitoring what’s happening in the world: Looking for news about new threats, new attacks and global events that could have an impact on network security. Engineers may plan on tasks like monitoring logs or running scheduled network tests, but they’ll more often than not find their days filled with emergencies and fulfilling help desk tickets. There will be incidents and alerts that will need to be checked out. Above all, don’t expect a 9 to 5 job. Network security engineers, like many in IT and cybersecurity, are on call day and night and on weekends.

However challenging the duties of a network security engineer may be, there’s no doubt this position is an essential part of any cybersecurity team.

 |  |  |  | 
Sue Poremba

More from Risk Management
April 24, 2024

Researchers develop malicious AI ‘worm’ targeting generative AI systems

2 min read - Researchers have created a new, never-seen-before kind of malware they call the "Morris II" worm, which uses popular AI services to spread itself, infect new systems and steal data. The name references the original Morris computer worm that wreaked havoc on the internet in 1988.The worm demonstrates the potential dangers of AI security threats and creates a new urgency around securing AI models.New worm utilizes adversarial self-replicating promptThe researchers from Cornell Tech, the Israel Institute of Technology and Intuit, used what’s…

April 17, 2024

What should Security Operations teams take away from the IBM X-Force 2024 Threat Intelligence Index?

3 min read - The IBM X-Force 2024 Threat Intelligence Index has been released. The headlines are in and among them are the fact that a global identity crisis is emerging. X-Force noted a 71% increase year-to-year in attacks using valid credentials.In this blog post, I’ll explore three cybersecurity recommendations from the Threat Intelligence Index, and define a checklist your Security Operations Center (SOC) should consider as you help your organization manage identity risk.The report identified six action items:Remove identity silosReduce the risk of…

April 16, 2024

Obtaining security clearance: Hurdles and requirements

3 min read - As security moves closer to the top of the operational priority list for private and public organizations, needing to obtain a security clearance for jobs is more commonplace. Security clearance is a prerequisite for a wide range of roles, especially those related to national security and defense.Obtaining that clearance, however, is far from simple. The process often involves scrutinizing one’s background, financial history and even personal character. Let’s briefly explore some of the hurdles, expectations and requirements of obtaining a…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature