Senior SecurityNetwork Engineer | PJ Dick-Trumbull-The Lindy Group
Pittsburgh | North Shore
We are seeking a
Senior SecurityNetwork Engineer to assist with the design, implementation, and support a hybrid infrastructure spanning Azure cloud networking, Microsoft security platforms, and on-premises enterprise networks.
This role is responsible for working as part of a team that will ensure secure, scalable, and resilient connectivity across offices, jobsites, and cloud environments, with a strong focus on Fortinet firewall management, Azure networking architecture, SD-WAN, and Microsoft security controls.
The ideal candidate will also play a key role in ensuring alignment with CMMC requirements and NIST 800-171 standards, maintaining policies and controls that protect sensitive data and support regulatory compliance.
Key Responsibilities
Azure NetworkingCloud Infrastructure-
Design, deploy, and maintain Azure networking architectures, including:
-
Virtual Networks (VNets), subnets, and peering
-
Azure Firewall, NSGs, and routing tables
-
VPN gateways and hybrid connectivity (site-to-site and point-to-site)
-
Support and optimize Azure landing zones and network segmentation
-
Ensure secure connectivity between on-prem environments, jobsites, and Azure workloads
-
Monitor performance, availability, and cost optimization of Azure network resources
Enterprise NetworkingJobsite Connectivity-
Manage and support LAN/WAN infrastructure across corporate offices, plants, and jobsites
-
Design and implement secure, scalable jobsite connectivity solutions, including temporary and mobile deployments
-
Support and evolve SD-WAN architecture to improve reliability, performance, and centralized management
-
Configure and maintain:
-
Core switching and routing
-
VLAN segmentation and IP addressing strategy
-
Wireless and remote site connectivity
-
Troubleshoot complex connectivity, latency, and routing issues across distributed environments
FirewallSecurity Infrastructure-
Design, implement, and manage Fortinet firewall solutions, including:
-
Policy management, rule optimization, and segmentation
-
VPN configuration and troubleshooting
-
IDS/IPS and secure access enforcement
-
Administer and support Fortinet ecosystem components (FortiGate, FortiClient, EMS, SD-WAN capabilities)
-
Implement and manage Microsoft security technologies, including:
-
Microsoft Defender (endpoint, identity, and cloud protection)
-
Entra ID (Azure AD), Conditional Access, and identity governance
-
Microsoft Purview for data protection and classification
-
Enforce Zero Trust principles, least privilege access, and network segmentation strategies
Security, ComplianceCMMC Alignment-
Assist with implementation and maintenance of technical controls supporting CMMC and NIST SP 800-171 requirements
-
Support audits, assessments, and evidence collection for CMMC and other regulatory frameworks
-
Collaborate with security leadership to continuously improve cybersecurity posture and risk management
-
Participate in incident response, threat monitoring, and vulnerability remediation efforts
OperationsCollaboration-
Work closely with IT leadership and cross-functional teams to support business-critical systems and field operations
-
Participate in infrastructure planning, including Azure expansion and new site deployments
-
Provide escalation support for networking and security incidents
-
Maintain network diagrams, security documentation, and configuration standards
-
Identify opportunities for automation, standardization, and operational efficiency
Required Qualifications-
A minimum of 7 years of experience in network engineering and security
-
Hands-on expertise with:
-
Azure networking (VNets, VPNs, routing, firewall)
-
Fortinet firewalls (FortiGate required)
-
Enterprise LAN/WAN and distributed environments
-
Strong understanding of:
-
TCP/IP, routing protocols, and segmentation
-
VPN technologies and secure remote access
-
Zero Trust architecture principles
-
Experience supporting regulatory frameworks (NIST 800-171, CMMC, or similar)
-
Experience with the Microsoft Security Suite(Defender, MDO, Purview, and Sentinel)
-
Proven ability to troubleshoot complex hybrid (cloud + on-prem + field) environments
Preferred Qualifications-
Certifications (preferred):
-
Azure Network Engineer Associate
-
CISSP, CCNP, or equivalent
-
Experience with:
-
SD-WAN design and deployment (Fortinet preferred)
-
Ubiquiti WiFi
-
Construction or distributed workforce environments
-
Network monitoring, SIEM, or observability tools
-
Intune and endpoint management
-
Vulnerability management, remediation workflows, and security hardening
-
Infrastructure-as-Code
Success Measures-
Reliable, secure connectivity across all offices, jobsites, and Azure environments
-
Strong compliance posture with NIST 800-171 and CMMC controls actively maintained
-
Effective SD-WAN and firewall management improving performance and security
-
Reduced incident response times and improved threat visibility
-
Scalable, repeatable infrastructure designs with clear documentation
Why This Role MattersThis role is critical to maintaining a secure, compliant, and highly available infrastructure foundation that supports both corporate operations and field execution. It directly enables Azure modernization, jobsite productivity, and regulatory compliance, while protecting sensitive business and project data.
About PJ Dick-Trumbull-Lindy Group
We are a premier regional general contractor and construction manager with:
1,500+ employees and $1+ billion in annual revenue
Consistent ranking among the Engineering News-Record "Top 100 Builders" nationwide
Projects throughout the Mid-Atlantic region
Multiple recognitions as one of Pittsburgh's "Best Places to Work"
We take pride in our people, our culture, and the long-term careers we help build.
We offer an outstanding compensation and benefits package that includes medical, dental, and vision insurance; 401(k) with company match and exceptional profit-sharing plan; annual performance bonus eligibility; free employee parking.
Individuals with Disabilities: PJ Dick-Trumbull-The Lindy Group wants all interested and qualified candidates to be able to use the career site to review and apply for employment opportunities. If you have a disability and need an accommodation to access this site, please contact us for assistance at 412.807.2000 or email us at
[email protected].
PJ Dick-Trumbull-The Lindy Group strives to create a diverse, safe, welcoming, and inclusive work environment in which all teams can excel.
We are an Equal Opportunity and VEVRAA Federal Contracting Employer and welcome all applications from a wide range of candidates, including covered veterans, minorities, females, and people with disabilities. Our policy is clear: We do not discriminate based on any characteristic protected by law.
To view our EEO policy, click
here; to view our Section 503 and VEVRAA Affirmative Action Policy, click
here.
