Serve as the subject matter expert (SME) for application micro-segmentation and zero-trust principles, methodologies, and technologies. * Collaborate with Network and Firewall Teams, Application ...
Serve as the subject matter expert (SME) for application micro-segmentation and zero-trust principles, methodologies, and technologies. * Collaborate with Network and Firewall Teams, Application ...
Principal Network Engineer/ SME
Colorado Springs, CO · On-site
$175K - $185K/yr
Organize, install, and support government organization's computer systems, including local area networks (LANs), wide area networks (WANs), network segments, intranets, and other data communication ...
Principal Network Engineer/ SME
Colorado Springs, CO · On-site
$175K - $185K/yr
Organize, install, and support government organization's computer systems, including local area networks (LANs), wide area networks (WANs), network segments, intranets, and other data communication ...
Cyber Zscaler Network Security Engineer / Senior Consultant, Strategy, Growth, and Transformation
$60.25 - $78.75/hr
... segment configuration, access policies, connector deployment, and zero trust network access (ZTNA) architectures replacing legacy VPN infrastructure * 1+ years of experience designing, deploying, and ...
Cyber Zscaler Network Security Engineer / Senior Consultant, Strategy, Growth, and Transformation
$60.25 - $78.75/hr
... segment configuration, access policies, connector deployment, and zero trust network access (ZTNA) architectures replacing legacy VPN infrastructure * 1+ years of experience designing, deploying, and ...
Principal Network Engineer/ SME with Security Clearance
Colorado Springs, CO · On-site
$175K - $185K/yr
Organize, install, and support government organization's computer systems, including local area networks (LANs), wide area networks (WANs), network segments, intranets, and other data communication ...
Principal Network Engineer/ SME with Security Clearance
Colorado Springs, CO · On-site
$175K - $185K/yr
Organize, install, and support government organization's computer systems, including local area networks (LANs), wide area networks (WANs), network segments, intranets, and other data communication ...
Networking Solutions Engineer, Global Ecosystem Partners
Denver, CO · On-site +1
$190K - $240K/yr
TCP/IP, BGP, OSPF, EIGRP), network segmentation technologies (e.g. VRF, MPLS, SD-Access, 802.1x, TrustSec, Adaptive Policy), and network management platforms (e.g Catalyst Center, Meraki Dashboard ...
Networking Solutions Engineer, Global Ecosystem Partners
Denver, CO · On-site +1
$190K - $240K/yr
TCP/IP, BGP, OSPF, EIGRP), network segmentation technologies (e.g. VRF, MPLS, SD-Access, 802.1x, TrustSec, Adaptive Policy), and network management platforms (e.g Catalyst Center, Meraki Dashboard ...
TCP/IP, BGP, OSPF, EIGRP), network segmentation technologies (e.g. VRF, MPLS, SD-Access, 802.1x, TrustSec, Adaptive Policy), and network management platforms (e.g Catalyst Center, Meraki Dashboard ...
TCP/IP, BGP, OSPF, EIGRP), network segmentation technologies (e.g. VRF, MPLS, SD-Access, 802.1x, TrustSec, Adaptive Policy), and network management platforms (e.g Catalyst Center, Meraki Dashboard ...
Senior Controls Network/Cyber Engineer - Nuclear
$102K - $140K/yr
Design and configure OT Network Architecture and apply cyber security controls. * implement network segmentation using the OT Purdue model. * Have knowledge on network technologies to design ...
Senior Controls Network/Cyber Engineer - Nuclear
$102K - $140K/yr
Design and configure OT Network Architecture and apply cyber security controls. * implement network segmentation using the OT Purdue model. * Have knowledge on network technologies to design ...
Senior Controls Network/Cyber Engineer - Nuclear
Longmont, CO · On-site
$102K - $140K/yr
Design and configure OT Network Architecture and apply cyber security controls. * implement network segmentation using the OT Purdue model. * Have knowledge on network technologies to design ...
Senior Controls Network/Cyber Engineer - Nuclear
Longmont, CO · On-site
$102K - $140K/yr
Design and configure OT Network Architecture and apply cyber security controls. * implement network segmentation using the OT Purdue model. * Have knowledge on network technologies to design ...
Senior Controls Network/Cyber Engineer - Nuclear
Longmont, CO · On-site
$102K - $140K/yr
Design and configure OT Network Architecture and apply cyber security controls. * implement network segmentation using the OT Purdue model. * Have knowledge on network technologies to design ...
Senior Controls Network/Cyber Engineer - Nuclear
Longmont, CO · On-site
$102K - $140K/yr
Design and configure OT Network Architecture and apply cyber security controls. * implement network segmentation using the OT Purdue model. * Have knowledge on network technologies to design ...
Sr. Advisory Security Architect with Security Clearance
Colorado Springs, CO · On-site
$144K - $175K/yr
Design secure network segmentation, access control strategies, virtualization architectures, and system integration approaches. * Implement centralized logging, monitoring, auditing, and SIEM ...
Sr. Advisory Security Architect with Security Clearance
Colorado Springs, CO · On-site
$144K - $175K/yr
Design secure network segmentation, access control strategies, virtualization architectures, and system integration approaches. * Implement centralized logging, monitoring, auditing, and SIEM ...
Sr. Advisory Security Architect
Colorado Springs, CO · On-site
$144K - $175K/yr
Design secure network segmentation, access control strategies, virtualization architectures, and system integration approaches. * Implement centralized logging, monitoring, auditing, and SIEM ...
Sr. Advisory Security Architect
Colorado Springs, CO · On-site
$144K - $175K/yr
Design secure network segmentation, access control strategies, virtualization architectures, and system integration approaches. * Implement centralized logging, monitoring, auditing, and SIEM ...
Sr. Advisory Security Architect
Colorado Springs, CO · On-site +1
$144K - $175K/yr
Design secure network segmentation, access control strategies, virtualization architectures, and system integration approaches. * Implement centralized logging, monitoring, auditing, and SIEM ...
Sr. Advisory Security Architect
Colorado Springs, CO · On-site +1
$144K - $175K/yr
Design secure network segmentation, access control strategies, virtualization architectures, and system integration approaches. * Implement centralized logging, monitoring, auditing, and SIEM ...
Sr. Advisory Security Architect
Colorado Springs, CO · On-site +1
$144K - $175K/yr
Design secure network segmentation, access control strategies, virtualization architectures, and system integration approaches. * Implement centralized logging, monitoring, auditing, and SIEM ...
Sr. Advisory Security Architect
Colorado Springs, CO · On-site +1
$144K - $175K/yr
Design secure network segmentation, access control strategies, virtualization architectures, and system integration approaches. * Implement centralized logging, monitoring, auditing, and SIEM ...
Sr. Advisory Security Architect
Colorado Springs, CO · On-site +1
$144K - $175K/yr
Design secure network segmentation, access control strategies, virtualization architectures, and system integration approaches. * Implement centralized logging, monitoring, auditing, and SIEM ...
Sr. Advisory Security Architect
Colorado Springs, CO · On-site +1
$144K - $175K/yr
Design secure network segmentation, access control strategies, virtualization architectures, and system integration approaches. * Implement centralized logging, monitoring, auditing, and SIEM ...
OT Security Specialist
Denver, CO · On-site
By implementing robust network segmentation , real-time threat monitoring , and aligning operations with global standards like NIST 800-82 and IEC 62443 , you will ensure the resilience of vital ...
OT Security Specialist
Denver, CO · On-site
By implementing robust network segmentation , real-time threat monitoring , and aligning operations with global standards like NIST 800-82 and IEC 62443 , you will ensure the resilience of vital ...
VCF Network Engineer 1
Denver, CO · On-site
Responsibilities : • Support design, implementation, and day-to-day administration of NSX overlay networking across VCF environments. • Implement approved micro-segmentation policies, distributed ...
VCF Network Engineer 1
Denver, CO · On-site
Responsibilities : • Support design, implementation, and day-to-day administration of NSX overlay networking across VCF environments. • Implement approved micro-segmentation policies, distributed ...
Network Engineer
Louisville, CO · On-site
Key Tasks: • Support the operation and maintenance of ground segment network engineering architecture/design • Network Administration Support • System Security Analysis • Operation and ...
Network Engineer
Louisville, CO · On-site
Key Tasks: • Support the operation and maintenance of ground segment network engineering architecture/design • Network Administration Support • System Security Analysis • Operation and ...
VCF Network Engineer 2
Englewood, CO · On-site
Responsibilities : • Design and manage NSX overlay topology, routing, and segmentation patterns ... network dependencies with platform engineering, storage, security, and automation teams. • ...
VCF Network Engineer 2
Englewood, CO · On-site
Responsibilities : • Design and manage NSX overlay topology, routing, and segmentation patterns ... network dependencies with platform engineering, storage, security, and automation teams. • ...
Senior Manager, Infrastructure Engineering with Security Clearance
Denver, CO · On-site
$111K - $151K/yr
Collaborate with Cybersecurity on hardened infrastructure (STIGs, security scanning, network segmentation) and with AI and Data Engineering on the compute and networking layer their platforms run on ...
Senior Manager, Infrastructure Engineering with Security Clearance
Denver, CO · On-site
$111K - $151K/yr
Collaborate with Cybersecurity on hardened infrastructure (STIGs, security scanning, network segmentation) and with AI and Data Engineering on the compute and networking layer their platforms run on ...
Senior Manager, Infrastructure Engineering
Denver, CO · On-site
$111K - $151K/yr
Collaborate with Cybersecurity on hardened infrastructure (STIGs, security scanning, network segmentation) and with AI and Data Engineering on the compute and networking layer their platforms run on ...
Senior Manager, Infrastructure Engineering
Denver, CO · On-site
$111K - $151K/yr
Collaborate with Cybersecurity on hardened infrastructure (STIGs, security scanning, network segmentation) and with AI and Data Engineering on the compute and networking layer their platforms run on ...
Network Segmentation information
What is the difference between Network Segmentation vs Network Security Engineer?
| Aspect | Network Segmentation | Network Security Engineer |
|---|---|---|
| Primary Focus | Dividing a network into segments to control traffic | Designing, implementing, and managing security measures |
| Required Skills | Networking protocols, VLANs, firewalls | Firewall configuration, intrusion detection, security policies |
| Work Environment | Network infrastructure, data centers, enterprise networks | Security teams, IT departments, cybersecurity environments |
| Certifications | CCNA, CompTIA Network+ | CISSP, CEH, CompTIA Security+ |
Network segmentation involves dividing a network into smaller parts to improve performance and security, while a Network Security Engineer focuses on protecting the network through security measures. Both roles require networking knowledge, but their primary objectives differ: segmentation manages network structure, whereas security engineers safeguard it from threats.
What are the key skills and qualifications needed to thrive in a Network Segmentation role, and why are they important?
What kind of jobs can I get with Network+?
Is networking a high paying job?
What is network segmentation?
What are some common challenges faced by professionals working in network segmentation roles, and how can they be addressed?
What are network segmentations?
What is job segmentation?
Deloitte rating
8.0
Based on 89 frontline employees who took The Breakroom Quiz
71st of 146 rated financial services
Job description
We are seeking a talented, passionate cyber security specialist who will serve as a technical interface and subject matter expert in designing, implementing, and supporting an enterprise-class application-centric micro-segmentation service for Deloitte US Member Firm. The professional will lead and collaborate with application teams, infrastructure teams, and vendors to support all phases of product integration, deployment, operations, and maintenance for critical business applications and workload isolation.
Recruiting for this role ends on 7/6/2026.
Work you'll do
- Assist in the design, implementation, and sustainment of zero trust architectures to safeguard critical assets and data against emerging cyber threats.
- Serve as the subject matter expert (SME) for application micro-segmentation and zero-trust principles, methodologies, and technologies.
- Collaborate with Network and Firewall Teams, Application Teams, Server Teams, Cloud Engineering Teams etc. to design, implement, and support an enterprise-class application-centric micro-segmentation solution and service.
- Lead implementation of micro-segmentation to safeguard critical applications as part of a multi-year program.
- Identify new service requirements in support of our Zero Trust strategy.
- Lead and support troubleshooting for micro-segmentation service.
The successful candidate would possess these skills
- Ability to work independently and collaborate as part of a team
- Effective written and verbal communication skills
- Meticulous attention to detail and quality of work product
- Ability to build and sustain professional relationships
- Ability to lead projects or workstreams
- Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
- Strong interpersonal skills and professional demeanor
- Ability to meet deadlines
- Ability to mentor and provide clear guidance to others
The team
Deloitte Technology US (DT - US) helps power Deloitte's success, which serves many of the world's largest, most respected organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence.
The ~3,000 professionals in DT - US deliver services including:
- Cyber Security
- Technology Support
- Technology & Infrastructure
- Applications
- Relationship Management
- Strategy & Communications
- Project Management
- Financials
Cyber Security
Cyber Security vigilantly protects Deloitte and client data. The team leads a strategic cyber risk program that adapts to a rapidly changing threat landscape, changes in business strategies, risks, and vulnerabilities. Using situational awareness, threat intelligence, and building a security culture across the organization, the team helps to protect the Deloitte brand.
Areas of focus include:
- Risk & Compliance
- Identity & Access Management
- Data Protection
- Cyber Design
- Incident Response
- Security Architecture
- Business Partnership
Qualifications
Required:
- Bachelor's degree or equivalent in Information Technology, Computer Science, or Engineering.
- Minimum 6 years of related Cyber Security experience with a focus on network security engineering, including firewall policy design, rule management, and hands-on experience securing east-west traffic in enterprise environments.
- Proficiency in Python development for automation and scripting, including experience building security tooling, policy automation, or infrastructure-as-code workflows.
- Networking fundamentals with demonstrated experience across both cloud environments (AWS, Azure, or GCP) and on-premises data center infrastructure, including VLANs, subnetting, routing protocols, firewall policy, and east-west traffic segmentation.
Preferred:
- Experience with micro-segmentation platforms (e.g., Illumio, Guardicore, Cisco Secure Workload) and practical application of Zero Trust principles such as least-privilege access, identity-aware policy enforcement, and network segmentation strategy.
- Experience deploying, managing, and tuning micro-segmentation security policies.
- Networking knowledge and experience in traffic analysis using tools such as Wireshark.
- Experience with virtualization technologies such as VMware, Hyper-V.
- Experience with cloud platforms such as Azure, GCP and/or AWS.
- Understand application tiering architecture (web, application, database), communication patterns and application connectivity.
- Experience with Windows server/Linux operating systems.
- Knowledge of the Zero Trust Framework or NIST 800-207 (Zero Trust Architecture).
- Experience working with all levels of management, stakeholders, and vendors.
- Familiarity with technologies such as Infrastructure-as-a-Service (IaaS), Software-Defined Networking (SDN) and containers.
- Experience designing and managing firewalls or other network segmentation tools.
- Experience setting up, configuring, policy creation, and troubleshooting firewalls such as Palo Alto, Cisco, Windows Packet Filtering, and IP Tables.
- Well versed in one of the scripting languages (e.g. PowerShell, Python and BASH).
- System forensics and investigation skills, including analyzing system artifacts (e.g. file system, memory, running processes, network connections, logs).
- CISSP, GIAC, CCNA or other related Information Security certifications.
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $118,700 to $243,700.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
Qualifications:We are seeking a talented, passionate cyber security specialist who will serve as a technical interface and subject matter expert in designing, implementing, and supporting an enterprise-class application-centric micro-segmentation service for Deloitte US Member Firm. The professional will lead and collaborate with application teams, infrastructure teams, and vendors to support all phases of product integration, deployment, operations, and maintenance for critical business applications and workload isolation.
Recruiting for this role ends on 7/6/2026.
Work you'll do
- Assist in the design, implementation, and sustainment of zero trust architectures to safeguard critical assets and data against emerging cyber threats.
- Serve as the subject matter expert (SME) for application micro-segmentation and zero-trust principles, methodologies, and technologies.
- Collaborate with Network and Firewall Teams, Application Teams, Server Teams, Cloud Engineering Teams etc. to design, implement, and support an enterprise-class application-centric micro-segmentation solution and service.
- Lead implementation of micro-segmentation to safeguard critical applications as part of a multi-year program.
- Identify new service requirements in support of our Zero Trust strategy.
- Lead and support troubleshooting for micro-segmentation service.
The successful candidate would possess these skills
- Ability to work independently and collaborate as part of a team
- Effective written and verbal communication skills
- Meticulous attention to detail and quality of work product
- Ability to build and sustain professional relationships
- Ability to lead projects or workstreams
- Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
- Strong interpersonal skills and professional demeanor
- Ability to meet deadlines
- Ability to mentor and provide clear guidance to others
The team
Deloitte Technology US (DT - US) helps power Deloitte's success, which serves many of the world's largest, most respected organizations. We develop and deploy cutting-edge internal and go-to-market solutions that help Deloitte operate effectively and lead in the market. Our reputation is built on a tradition of delivering with excellence.
The ~3,000 professionals in DT - US deliver services including:
- Cyber Security
- Technology Support
- Technology & Infrastructure
- Applications
- Relationship Management
- Strategy & Communications
- Project Management
- Financials
Cyber Security
Cyber Security vigilantly protects Deloitte and client data. The team leads a strategic cyber risk program that adapts to a rapidly changing threat landscape, changes in business strategies, risks, and vulnerabilities. Using situational awareness, threat intelligence, and building a security culture across the organization, the team helps to protect the Deloitte brand.
Areas of focus include:
- Risk & Compliance
- Identity & Access Management
- Data Protection
- Cyber Design
- Incident Response
- Security Architecture
- Business Partnership
Qualifications
Required:
- Bachelor's degree or equivalent in Information Technology, Computer Science, or Engineering.
- Minimum 6 years of related Cyber Security experience with a focus on network security engineering, including firewall policy design, rule management, and hands-on experience securing east-west traffic in enterprise environments.
- Proficiency in Python development for automation and scripting, including experience building security tooling, policy automation, or infrastructure-as-code workflows.
- Networking fundamentals with demonstrated experience across both cloud environments (AWS, Azure, or GCP) and on-premises data center infrastructure, including VLANs, subnetting, routing protocols, firewall policy, and east-west traffic segmentation.
Preferred:
- Experience with micro-segmentation platforms (e.g., Illumio, Guardicore, Cisco Secure Workload) and practical application of Zero Trust principles such as least-privilege access, identity-aware policy enforcement, and network segmentation strategy.
- Experience deploying, managing, and tuning micro-segmentation security policies.
- Networking knowledge and experience in traffic analysis using tools such as Wireshark.
- Experience with virtualization technologies such as VMware, Hyper-V.
- Experience with cloud platforms such as Azure, GCP and/or AWS.
- Understand application tiering architecture (web, application, database), communication patterns and application connectivity.
- Experience with Windows server/Linux operating systems.
- Knowledge of the Zero Trust Framework or NIST 800-207 (Zero Trust Architecture).
- Experience working with all levels of management, stakeholders, and vendors.
- Familiarity with technologies such as Infrastructure-as-a-Service (IaaS), Software-Defined Networking (SDN) and containers.
- Experience designing and managing firewalls or other network segmentation tools.
- Experience setting up, configuring, policy creation, and troubleshooting firewalls such as Palo Alto, Cisco, Windows Packet Filtering, and IP Tables.
- Well versed in one of the scripting languages (e.g. PowerShell, Python and BASH).
- System forensics and investigation skills, including analyzing system artifacts (e.g. file system, memory, running processes, network connections, logs).
- CISSP, GIAC, CCNA or other related Information Security certifications.
The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $118,700 to $243,700.
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
Education:Bachelor's DegreeEmployment Type: