Kimley-Horn is seeking a Cybersecurity Engineer to help lead and mature our network security function, with a primary focus on enterprise firewall architecture and operations.

This is a foundational role within our Information Security team, where you’ll take ownership of a growing firewall environment, influence security strategy, and help define the future of network security across a rapidly expanding, multi-site organization.

If you have a strong networking background and deep hands-on firewall experience—especially in Palo Alto environments—this is an opportunity to truly own and evolve a critical security domain.

Firewall Ownership & Network Security (Primary Focus)

• Serve as the primary owner of Kimley-Horn’s enterprise firewall environment, including design, implementation, and ongoing optimization
• Create, review, and maintain firewall policies and rules across on-prem and cloud environments
• Lead firewall strategy decisions, including policy standardization, segmentation, and performance tuning
• Administer and optimize Palo Alto firewalls and Panorama
• Manage and enhance GlobalProtect policies and secure remote access configurations
• Analyze and implement ACLs, rule bases, and logical security controls across a multi-vendor environment
• Drive continuous improvement in firewall posture, balancing security and user experience

• Support and manage Next-Gen Firewalls in Azure environments
• Administer and optimize Web Application Firewalls (WAFs)
• Participate in SASE and cloud security architecture discussions and reviews

• Implement and maintain network security controls, including firewalls, VPNs, IDS/IPS, and access controls
• Troubleshoot complex networking and security issues across cloud and hybrid environments
• Monitor and resolve network performance issues (latency, throughput, utilization, system slowness)
• Partner with Network Operations and Cloud teams to review designs and provide a security-first perspective

• Assist in evaluating and implementing Network Detection & Response (NDR) solutions
• Support the transition and ongoing ownership of Cisco ISE capabilities
• Contribute to security tooling decisions, standards, and long-term strategy

• Coordinate and guide work across matrixed IT partners
• Provide technical guidance, training, and mentorship on network security best practices
• Participate in incident response, change management, and after-hours maintenance for critical events

• Bachelor’s degree in Information Security, Cybersecurity, or a related field
• 4+ years of experience in network security engineering or related roles within enterprise environments
• Strong hands-on experience with firewall design, implementation, and management (required)
• Direct experience with Palo Alto firewalls and Panorama
• Experience with firewall architectures across internal, perimeter, and cloud environments
• Experience administering Web Application Firewalls (WAFs)
• Experience with Cisco ISE or similar identity-based network access platforms
• Solid understanding of networking fundamentals (routing, switching, TCP/IP, DNS, DHCP)
• Experience with change management practices and operational processes
• Strong problem-solving skills and ability to perform under pressure
• Excellent communication skills with the ability to explain technical concepts to non-technical stakeholders

Preferred Certifications:Security+, Network+, CCNP Security, AZ-700/AZ-500, CISSP, or similar