Job Description
Crum & Forster Company Overview Travel Insured International (TII), a Crum & Forster company is a leading travel insurance provider with more than 30 years in business. As a key component of our Specialty Business Unit, within the Accident & Health division, TII provides travel protection plans to help each individual travel confidently. Travel Insured International is proud to offer products to consumers and to agency partners of all sizes. We're committed to providing dependable coverage, great value, and end-to-end satisfaction for all customers. Job Description The Network Engineer with Security Expertise is responsible for designing, implementing, securing, and maintaining enterprise network infrastructure across on‑premises, cloud, and hybrid environments. This role ensures high availability, resilience, and security of corporate and customer‑facing systems. The engineer partners closely with Cybersecurity, Cloud Engineering, Architecture, and IT Operations to maintain a secure, compliant, and scalable network. This role can be Remote with some travel to our Glastonbury, CT. What You Will Do Network Architecture & Engineering Design, deploy, and maintain enterprise network infrastructure (LAN, WAN, SD‑WAN, VPN, Wi‑Fi, load balancers). Configure and support firewalls, secure web gateways, and network segmentation. Implement resilient topologies ensuring redundancy, failover, and high availability. Engineer network solutions that comply with regulatory and internal security policies. Security Engineering & Operations Deploy and manage enterprise security controls: Firewalls (e.g., Fortinet, Check Point, Palo Alto) Switches & Wireless (HP/ Aruba) Network intrusion detection/prevention systems (IDS/IPS) Secure Access Service Edge (SASE) / Zero Trust network tools Identity‑centric access controls Conduct security hardening, continuous monitoring, and vulnerability remediation. Partner with Cybersecurity teams on incident response, threat analysis, and post‑incident improvements Cloud & Hybrid Networking Support connectivity into cloud environments (Azure, AWS) including VNETs, routing, ExpressRoute/VPN gateways, NSGs, and firewalls. Ensure secure connectivity patterns for microservices, APIs, and distributed architectures. Collaborate with Cloud Engineering to enforce guardrails and landing zone standards. Operational Excellence Own monitoring, observability, and alerting for network and security-related systems. Troubleshoot complex network issues across multiple platforms. Participate in on-call rotation for critical infrastructure and security events. Maintain documentation, runbooks, diagrams, and architecture artifacts. Stay updated with emerging technologies, identify opportunities for system improvements and recommend appropriate upgrades. Other duties as assigned What YOU Will Bring To C&F Deep understanding of Agile and Scrum methodologies. Knowledge of product ownership best practices. Exceptional troubleshooting and analytical skills with attention to detail. Excellent communication skills, including the ability to translate technical details for leadership Team player capable of mentoring others. Ability to effectively manage multiple projects simultaneously, drive results and prioritize tasks. Exceptional collaboration ability, including collaborative partnership with Cybersecurity, Cloud, and Architecture teams. Proactive problem solver with a security first mindset. Able to thrive in fast paced, high growth, and transformation-oriented environments. Core Requirements Bachelor’s degree from accredited institution 5+ years of experience in enterprise network engineering Strong expertise in Routing & switching (BGP, OSPF, EIGRP, VLANs) Firewalls and network security controls VPN technologies (site-to-site, remote access) Secure network architectures and zero‑trust principles Experience with cloud networking (Azure preferred) Proficiency with network monitoring and SIEM/SOC workflows Preferred Requirements Experience in regulated industries (insurance, financial services, healthcare). Hands-on experience with: Fortinet or equivalent firewall platforms SASE solutions (e.g., Netskope, Zscaler, Cloudflare One) SD‑WAN Familiarity with DevSecOps