Senior Network Security & Microsegmentation Engineer

JOB DESCRIPTION

Senior Network Security & Microsegmentation Engineer - Enterprise Deployments

Department

Cybersecurity Services

Location

New Delhi (On-site / Client-site) or Mumbai (On-site / Client-site)

Experience

10+ Years

Reports To

Delivery & Services Lead / CEO

Employment Type

Full-Time

Band/Level

Founding Team Member

Travel

Up to 40% (client sites)

Compensation

Competitive CTC + Equity

About SARC Global

SARC Global is a multidisciplinary advisory firm with 40+ years of heritage, 100+ partners, and 500+ professionals across India, UK, USA, Singapore, and UAE. Our cybersecurity practice is built on strategic OEM partnerships in microsegmentation, zero trust, and web application & API security (WAAP). We serve Indias largest banks, PSUs, and enterprises and were building a founding team that will define how cybersecurity is delivered across this client base.

The Opportunity

Were looking for a hands-on, client-facing Founding Security Engineer who can own the implementation, deployment, and technical operations for our OEM cybersecurity solutions. This is not a back-office role youll be on client sites, designing architectures, deploying solutions, and providing ongoing technical support for Indias largest enterprises.

Your primary expertise should be in network security and microsegmentation (Zero Trust). Your secondary expertise should span web application firewalls (WAF), API security, and application protection. If youve spent 10+ years making enterprise networks more secure and you want to be part of building a cybersecurity practice rather than being a cog in a large services machine, this is your opportunity.

What Youll Own

Primary: Network Security & Microsegmentation (Zero Trust)

• Design and implement microsegmentation architectures for enterprise clients reducing lateral movement risk and enforcing Zero Trust principles at the network layer
• Deploy and configure microsegmentation platforms (Illumio, Guardicore, ColorTokens Xshield, Cisco ACI, VXLAN-based segmentation) across on-premise, hybrid, and multi-cloud environments
• Conduct network security assessments, identify segmentation gaps, and design remediation roadmaps for BFSI, government, and large enterprise clients
• Implement firewall policies, network access controls, and security zoning strategies aligned with client compliance requirements (RBI, CERT-In, SEBI, ISO 27001)
• Provide L2/L3 technical support and troubleshooting for deployed microsegmentation and network security solutions
• Create deployment playbooks, runbooks, and technical documentation for repeatable delivery

Secondary: WAF, API Security & Application Protection (WAAP)

• Deploy and manage Web Application Firewall (WAF) and WAAP solutions, including Prophaze (our OEM partner), for client environments cloud, Kubernetes, hybrid, and on-premise
• Implement API security policies, bot mitigation rules, DDoS protection, and Layer 7 threat detection for client web applications and APIs
• Conduct application security assessments, identify OWASP Top 10 vulnerabilities, and implement protective controls
• Configure custom WAF rules, virtual patching, SSL/TLS termination, and reverse proxy architectures
• Support client onboarding onto WAAP platforms domain configuration, endpoint mapping, policy tuning, and alert optimization

Cross-Cutting Responsibilities

• Be the primary technical point of contact for assigned client engagements from scoping and architecture through deployment and post-go-live support
• Conduct client-facing workshops, solution presentations, and technical demos for OEM solutions
• Support pre-sales with technical scoping, solution design, PoC execution, and RFP responses
• Coordinate with OEM partners (ColorTokens, Prophaze, and others) for technical escalations, product training, and certification
• Build and maintain a knowledge base of deployment architectures, configuration templates, and troubleshooting guides
• Contribute to SARCs cybersecurity thought leadership case studies, technical blogs, webinar participation

What Were Looking For

Experience & Background:

• 10+ years of hands-on experience in network security and/or cybersecurity implementation, with at least 3 years in a client-facing delivery/implementation role
• Direct experience with microsegmentation platforms Illumio, Guardicore, Cisco ACI, VMware NSX, VXLAN-based segmentation, or similar
• Hands-on experience with Zero Trust architecture design and implementation at the network layer
• Experience deploying and managing WAF / WAAP solutions (Prophaze, Imperva, F5, Akamai, AWS WAF, Azure WAF, Cloudflare, or similar)
• Strong foundation in network security firewalls (Check Point, Palo Alto, Fortinet, Cisco ASA), VPN, IPS/IDS, network access control, security zoning
• Experience with API security, bot mitigation, DDoS protection, and Layer 7 threat detection
• Proven track record of client-site implementations for enterprise or BFSI clients in India

Technical Depth:

• Deep understanding of TCP/IP, DNS, HTTP/S, SSL/TLS, network protocols, and packet-level analysis
• Experience with cloud networking and security across AWS, Azure, and/or GCP (VPCs, security groups, NACLs, WAF services)
• Familiarity with Kubernetes networking and container security concepts
• Knowledge of regulatory compliance frameworks RBI cybersecurity framework, CERT-In directives, SEBI guidelines, ISO 27001, NIST CSF, CIS Controls
• Scripting / automation skills (Python, Bash, PowerShell) for deployment automation and configuration management
• Experience with SIEM integration, log management, and security monitoring is a plus

Certifications (preferred, not mandatory):

• CCSA / CCSE (Check Point), PCNSE (Palo Alto), CCNA / CCNP Security (Cisco)
• Microsegmentation vendor certifications (Illumio, Guardicore, ColorTokens)
• AWS / Azure / GCP security certifications
• CEH, OSCP, or equivalent offensive/defensive security certifications
• ITIL v4 (for support operations)

The Right Mindset:

• Builder mentality youre joining a founding team, not a 500-person delivery centre. Youll help define how SARC delivers cybersecurity, not follow someone elses playbook
• Client obsession youre comfortable sitting in a CISOs conference room at a bank, not just behind a terminal
• Ownership you dont wait for tickets to be assigned; you see a problem and fix it
• Curiosity you stay ahead of the threat landscape, track new CVEs, and keep your skills sharp
• Communication you can explain a microsegmentation architecture to a CTO and troubleshoot a firewall rule with a network engineer in the same day

Why SARC Global?

• Founding team role youre not employee #500 in a cybersecurity practice; youre one of the first engineers shaping it. Your fingerprints will be on every deployment
• Equity participation meaningful ownership in the companys growth, not just a paycheck
• Marquee client access SARCs 40-year advisory relationships give you direct access to Indias top BFSI, government, and enterprise clients from day one
• Strategic OEM partnerships work with cutting-edge microsegmentation and WAAP technologies, get certified, and become one of the few experts in India on these platforms
• Growth trajectory as the practice scales, youll grow from individual contributor to team lead to practice head. The ceiling is what you build
• No bureaucracy small team, direct access to the CEO, fast decisions, real impact

How to Apply

Send your resume and a brief note on why this role excites you to ranu@sarc.global.

Introductory Call (30 min)

Culture fit, motivation, what youre looking for

Technical Deep-Dive (60 min)

Hands-on experience, architecture discussions, past deployment case studies

OEM Technical Round

Evaluation by our OEM technology partner

Final Round with CEO

Strategic alignment, equity discussion, offer