Job Information

Date Opened: 12/10/2025

Industry: Technology

Job Type: Full time

Work Experience: 5-10 years

City: Kampala

State/Province: Kampala

Country: Uganda

Zip/Postal Code: 256

Job Description

1. Network Engineering and Operations

Design and Architecture: Design, plan, and implement scalable, high-performance network architectures (LAN, WAN, Data Center).

Routing and Switching: Configure, manage, and troubleshoot advanced routing protocols including OSPF, BGP, EIGRP, and IS-IS. Implement and maintain advanced switching features such as VLANs, STP, trunking, EtherChannel, and port security.

High Availability: Implement and manage high availability protocols like HSRP, VRRP, and GLBP to ensure network resilience and uptime.

WAN Management: Oversee and troubleshoot wide-area network (WAN) connectivity, including MPLS, various VPNs (e.g., IPSec, DMVPN, SSL), and modern SD-WAN solutions.

Core Concepts: Apply deep understanding of OSI and TCP/IP models, IPv4/IPv6 addressing, subnetting, and supernetting in all design and operational activities.

2. Network Security Management

Firewall Administration: Design, implement, and maintain next-generation firewalls from vendors such as Cisco ASA/FTD, Palo Alto, Fortinet, Check Point, and Juniper SRX.

Threat Prevention: Configure and manage Intrusion Detection/Prevention Systems (IDS/IPS) using platforms like Snort and Suricata, or vendor-specific solutions, to monitor and block malicious traffic.

Secure Access: Implement and manage secure access solutions, including site-to-site and remote access VPNs, Zero Trust architectures, and Network Access Control (NAC) using 802.1X.

Authentication and Authorization: Configure and maintain AAA services utilizing TACACS+ and RADIUS for centralized device and user access control.

Segmentation: Develop and enforce network security policies through segmentation and micro segmentation techniques using VLANs, VRFs, and granular ACLs.

Secure Design: Ensure adherence to secure network design principles, including the proper placement and configuration of DMZ and bastion hosts for a secure network edge.

Requirements

Bachelor’s degree in Computer Science, Information Technology, or a related field, or equivalent practical experience.

Minimum of 5-7 years of professional experience in network engineering with a strong focus on network security for Senior

At least 2-4 years of experience working in network engineering with a strong focus on network security for Senior

In-depth, hands-on experience with the technologies listed in the job summary (e.g., OSPF, BGP, Cisco/Palo Alto/Fortinet firewalls, IPSec VPNs).

Relevant industry certifications such as CCNP Enterprise/Security, JNCIP, PCNSE, or CISSP are highly desirable.

Proven ability to diagnose and resolve complex network and security issues under pressure (Level 3 troubleshooting).

Excellent communication skills, both written and verbal, for documenting processes and communicating with technical and non-technical stakeholders.

• Design, plan, and implement scalable, high-performance network architectures (LAN, WAN, Data Center).
• Configure, manage, and troubleshoot advanced routing protocols including OSPF, BGP, EIGRP, and IS-IS.
• Implement and maintain advanced switching features such as VLANs, STP, trunking, EtherChannel, and port security.
• Implement and manage high availability protocols like HSRP, VRRP, and GLBP to ensure network resilience and uptime.
• Oversee and troubleshoot wide-area network (WAN) connectivity, including MPLS, various VPNs (e.g., IPSec, DMVPN, SSL), and modern SD-WAN solutions.
• Apply deep understanding of OSI and TCP/IP models, IPv4/IPv6 addressing, subnetting, and supernetting in all design and operational activities.
• Design, implement, and maintain next-generation firewalls from vendors such as Cisco ASA/FTD, Palo Alto, Fortinet, Check Point, and Juniper SRX.
• Configure and manage Intrusion Detection/Prevention Systems (IDS/IPS) using platforms like Snort and Suricata, or vendor-specific solutions, to monitor and block malicious traffic.
• Implement and manage secure access solutions, including site-to-site and remote access VPNs, Zero Trust architectures, and Network Access Control (NAC) using 802.1X.
• Configure and maintain AAA services utilizing TACACS+ and RADIUS for centralized device and user access control.
• Develop and enforce network security policies through segmentation and micro segmentation techniques using VLANs, VRFs, and granular ACLs.
• Ensure adherence to secure network design principles, including the proper placement and configuration of DMZ and bastion hosts for a secure network edge.

• OSPF
• BGP
• EIGRP
• IS-IS
• VLANs
• STP
• Trunking
• EtherChannel
• Port Security
• HSRP
• VRRP
• GLBP
• MPLS
• IPSec VPNs
• DMVPN
• SSL VPNs
• SD-WAN
• OSI Model
• TCP/IP Model
• IPv4 Addressing
• IPv6 Addressing
• Subnetting
• Supernetting
• Cisco ASA/FTD
• Palo Alto Firewalls
• Fortinet Firewalls
• Check Point Firewalls
• Juniper SRX
• Snort
• Suricata
• Zero Trust Architectures
• Network Access Control (NAC)
• 802.1X
• TACACS+
• RADIUS
• VRFs
• ACLs
• DMZ
• Bastion Hosts
• Level 3 Troubleshooting
• Documentation
• Communication Skills

• Bachelor’s degree in Computer Science, Information Technology, or a related field, or equivalent practical experience.
• Minimum of 5-7 years of professional experience in network engineering with a strong focus on network security for Senior
• At least 2-4 years of experience working in network engineering with a strong focus on network security for Senior
• In-depth, hands-on experience with the technologies listed in the job summary (e.g., OSPF, BGP, Cisco/Palo Alto/Fortinet firewalls, IPSec VPNs).
• Relevant industry certifications such as CCNP Enterprise/Security, JNCIP, PCNSE, or CISSP are highly desirable.
• Proven ability to diagnose and resolve complex network and security issues under pressure (Level 3 troubleshooting).
• Excellent communication skills, both written and verbal, for documenting processes and communicating with technical and non-technical stakeholders.