Together we change lives.
Kelly is a team of experts driven by our belief that the impact of the right person in the right job is limitless.
No matter where you are in your career journey, you can apply your knowledge and passion to move people, organizations, and communities forward. You'll have opportunities to grow your expertise and capabilities, both professionally and personally. As a team, we celebrate inclusion, caring, and collaboration. As a company, we value your contribution, we work with integrity, and we always put people first - so your impact really will change lives.
**Kelly Services Network Security Engineer** will strengthen and modernize our enterprise security posture. You will help drive next-generation firewall initiatives, own network security controls post-migration, and serve as a network-focused escalation point during incident response and recovery. This is a hands-on and collaborative role, partnering with Infrastructure Engineering and Architecture teams to embed security best practices across both data center and cloud environments.
**What You'll Be Accountable for:**
**Firewall Security & Migration**
+ Plan and execute firewall modernization projects to ensure smooth migrations from legacy platforms.
+ Own network security controls post-cutover, including policies, baselines, tuning, and monitoring.
+ Participate in central management rollout and provide on-site support for data center cutovers.
**Advanced Threat Prevention & Policy Management**
+ Configure and optimize advanced firewall features (application controls, user awareness, threat prevention, SSL/TLS inspection).
+ Retire unused rules through periodic hygiene reviews and enforce baseline policies.
+ Integrate with threat intelligence sources to maintain a strong defensive posture.
**Application & Web Security**
+ Support enterprise web application firewalls (WAF) and collaborate with App Security and Dev teams to tune rules.
+ Investigate WAF alerts and balance false positive reduction with effective protection.
**Cloud Proxy & Remote Access**
+ Manage enterprise proxy and secure web gateway services.
+ Maintain TLS inspection policies and support secure remote access solutions that align with zero-trust principles.
**Endpoint & Host-Level Firewalls**
+ Define and enforce Windows and macOS firewall baselines in partnership with Endpoint Engineering.
**Incident Response & Threat Hunting**
+ Serve as an escalation point for complex network incidents, reconstructing sessions, and applying containment actions.
+ Hunt for anomalies in traffic patterns (e.g., beaconing, DGA domains, covert channels) and document findings.
**Exposure Reduction & Segmentation**
+ Enforce least privilege networking and advise on segmentation designs (VLANs, ACLs, firewalls).
+ Eliminate "rule debt" and overly permissive access patterns.
**Monitoring, SIEM & Detections**
+ Ensure network security logs integrate into enterprise monitoring and SIEM platforms.
+ Collaborate with the SOC to improve detection fidelity and reduce noise/MTTR.
**Automation & Playbooks**
+ Automate policy actions using APIs and scripting (Python, PowerShell, etc.).
+ Maintain playbooks and runbooks for consistent incident response execution.
**Advisory & SME Support**
+ Serve as a subject matter expert for network security in enterprise projects.
+ Provide architectural guidance on firewalls, DNS security, proxies, and secure remote access solutions.
**Essential Skills, Knowledge & Experiences:**
+ 5+ years in network security engineering within enterprise environments.
+ Strong experience managing and tuning next-generation firewalls.
+ Knowledge of TCP/IP, NAT, TLS, VPN, DNS, and common attack tactics.
+ Hands-on firewall migrations and integration with enterprise networking.
+ Familiarity with secure web gateway, remote access, and WAF solutions.
+ Scripting proficiency (Python or PowerShell).
+ Strong cross-team collaboration and a mindset that blends curiosity, problem-solving, and professionalism.
**Nice to Have**
+ Relevant certifications in network or security domains, such as:
+ **CompTIA Security+ or CySA+**
+ **GIAC certifications** (e.g., GSEC, GCIA, GCIH)
+ **CCNP Security** or equivalent advanced networking/security certifications
+ Experience with cloud networking and firewall integrations across AWS, Azure, or GCP.
+ Familiarity with SIEM platforms and vulnerability management tools.
+ Exposure to zero-trust designs and security-by-design principles.
+ Participation in tabletop exercises or purple-team engagements.
**Work Setup & Travel**
+ Remote (U.S.) with periodic travel for data center migration cutovers (e.g., Chicago, IL; Ashburn, VA; Troy, MI).
Total compensation package and benefits applicable to the position - understanding that each person has unique professional and personal needs focused on your total well-being. Explore our range of benefits for full-time employees at:
_Kelly is an equal opportunity employer committed to employing a diverse, equitable, and inclusive workforce, including, but not limited to, race, gender, individuals with disabilities, protected veterans, sexual orientation, and gender identity._ _ _ _Equal Employment Opportunity is The Law._