Firewall Engineer
Palo Alto Networks (PCNSE), firewall architecture, design & deployment, security hardening, gap analysis, hands-on Palo Alto Panorama, Zero Trust architecture, networking protocols (DNS, DHCP, Wi-Fi, NTP, SNMP), IDS/IPS, VPN, CISSP, CCNA/CCNP, U.S. Citizenship.
Duties and Responsibilities:
- Gap assessment and analysis of security solutions and recommendation of improvement initiatives
- Implementation of scalable, redundant, and reliable firewall solutions
- Security hardening firewall configurations
- Configuration management and control of architectural/design/functional configuration changes to firewalls
- Firewall brake-fix troubleshooting, root cause analysis, and support
- Firewall patch/upgrade monitoring, reviews, maintenance scheduling and deployment
- Management of firewall operational and security audits logs
- Definition, development, and configuration of firewall security and operational alerts, dashboards, and reporting
- Monitoring firewall operational and security alerts and dashboards
- Defining, implementing, and monitoring process/procedures for maintaining the lifecycle firewall policies and rules
- Configuration, maintenance, and support of additional firewall services such as URL filtering, Malware Sandboxing Analysis, Threat Intelligence Feeds, Threat Prevention, User ID etc.
- Provide firewall log correlation support for emerging and retroactive security incident investigations
- Support the integration with other security tools such IDS/IPS, SIEM, NACs, VPN etc.
- Define requirements and develop roles-based Standard Operating Procedure (SOPs) documents
Minimum Qualifications:
- Six years of hands-on experience in Network Engineering/Architecture
- Five years of technical experience in architecture, design, implementation, support of firewall technologies
- Current Palo Alto Networks Certified Network Security Engineer (PCNSE) certification or hands-on experience implementing Palo Alto Advanced/NextGen features to include App-ID, User-ID, Content-ID, URL Filtering, Threat Prevention, WildFire, Virtual Wire, Virtual System (VSys), Global Protect, NAT Policies, Security Profiles, Inbound SSL Decryption, Outbound SSL Decryption (SSL Forward Proxy), File Blocking, and Data Filtering
- Hand-on experience with Palo Alto Panorama for centralized management of PANOS firewalls
- Self-starter, able to gather requirements, plan, execute firewall architecting and deployment efforts
- Able to perform gap analysis and initiate and execute architectural improvements
- Experience with network security architecture, design, and implementation best-practices i.e., Defense-in-depth architecture, knowledge of emerging Zero Trust architecture
- Experience with firewall architecture, design, and implementation
- Experience with operational and security hardening configuration for firewall solutions
- Experience with configuration management and change control for firewall solutions
- Experience with networking and switching protocols and infrastructure services, able to troubleshoot and identify DNS, DHCP, Wi-Fi protocols, NTP, SNMP, routing, switching, and firewall issues affecting connectivity of applications and services
- Knowledge and understanding of network infrastructure components such as Routers, Switches, IDS, IPS, NAC, VPN Gateways, Wireless APs etc.
Desired Skills/Certifications:
- Hands-on experience with Juniper firewalls
- CISSP, CompTIA Security +, CCNA/CCNP Security, Juniper JNCIP-SEC or relevant industry security certifications
- Cisco CCNA or CompTIA Network + or relevant networking industry certifications
- Experience in project task technical analysis, planning, and estimation
- Experience with technology capabilities market research, technical analysis/review, and recommendation
Educational Requirement: Bachelor's Degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline.
Min. Citizenship Status Required: U.S Citizenship