CRI Advantage

Firewall Engineer

CRI Advantage$85K — $110K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree plus 2 years relevant experience, or equivalent education and experience.
  • Hands-on experience with Palo Alto Networks firewalls and Panorama management.
  • Experience with IPv4/IPv6 dual-stack networking in an enterprise setting.
  • Proven ability to design, deploy, and troubleshoot firewall policies.
  • U.S. citizenship required for onboarding and background screening.

Responsibilities

  • Build, deploy, and maintain firewall rules across the Palo Alto environment.
  • Develop and deploy IPv6 rulesets based on existing IPv4 policies.
  • Configure IPv6 interfaces on firewalls for dual-stack operations.
  • Validate firewall traffic and troubleshoot policy and connectivity issues.
  • Participate in change planning and validation to reduce operational risk.
  • Document configurations and troubleshooting to support knowledge transfer.
  • Comply with all safety, health, and environmental requirements.

Benefits

  • Work performed 100% onsite at a secure facility.
  • Structured supporting environment emphasizing safety and compliance.
  • Opportunities for continual learning and technical development.
Full Job Description
Position Summary

The Firewall Engineer is responsible for implementing and supporting IPv4/IPv6 dual-stack networking across an enterprise Palo Alto Networks firewall environment. Working primarily in Palo Alto Panorama, you will design, build, deploy, validate, and troubleshoot firewall policies - developing IPv6 rulesets based on the organization's existing IPv4 policy and deploying them to firewalls throughout the environment. This role keeps a mission-critical production network secure and available while modernizing it to support IPv6.

Essential Duties & Responsibilities

The approximate time allocations below reflect the primary focus of the role and may vary with project needs.
• Build, deploy, and maintain firewall rules and policies across the enterprise Palo Alto Networks environment (approx. 70% of time).
• Develop IPv6 rulesets in Palo Alto Panorama, mirroring current IPv4 policy, and deploy them to firewalls enterprise-wide.
• Build and configure IPv6 interfaces on firewall devices to support dual-stack operation (approx. 10% of time).
• Validate and troubleshoot firewall traffic to confirm rulesets function as intended and to resolve policy or connectivity issues (approx. 20% of time).
• Participate in change planning, implementation, and validation activities to minimize operational risk during firewall deployments.
• Document configurations, changes, and troubleshooting steps to support ongoing operations and knowledge transfer.
• Comply with all environmental, safety, health, security, and quality requirements, and apply Integrated Safety Management System principles when performing job duties.
• Perform other related duties as assigned in support of the network security team.

Required Qualifications
• Bachelor's degree plus 2 years of relevant experience, or an equivalent combination of education and experience.
• Hands-on experience administering Palo Alto Networks firewalls and Panorama centralized management.
• Demonstrated experience implementing and supporting IPv4/IPv6 dual-stack networking within an enterprise environment.
• Demonstrated experience designing, deploying, validating, and troubleshooting enterprise firewall policies.
• U.S. citizenship; ability to complete standard site onboarding and background screening prior to starting.

Preferred Qualifications
• Palo Alto Networks Certified Network Security Engineer (PCNSE) or comparable certification.
• Experience administering Palo Alto Panorama Device Groups and Templates.
• Experience planning or executing enterprise firewall migrations.
• Experience supporting large, highly available production environments.
• Experience with enterprise IPv6 migrations or large dual-stack rollouts.
• Prior experience in a government, national laboratory, or other regulated IT environment.

Knowledge, Skills & Abilities
• In-depth knowledge of Palo Alto Networks firewall administration and Panorama policy management.
• Strong understanding of IPv4 and IPv6 addressing, dual-stack networking, and firewall policy design.
• Strong analytical, problem-solving, and troubleshooting skills with close attention to detail.
• Ability to work independently, manage competing priorities, and follow change-control processes in a production environment.
• Effective written and verbal communication and clear technical documentation.

Work Environment & Physical Requirements
• Work is performed 100% onsite at a secure facility in Idaho Falls, Idaho; remote or hybrid work is not available for this position.
• Prolonged periods working at a computer and performing repetitive keyboard/mouse tasks.
• Occasional standing, bending, or lifting of equipment (typically up to 25 pounds) may be required.
• Must adhere to all site safety, security, and emergency-action procedures.
• Travel is not anticipated beyond normal commuting to the Idaho Falls work location.

About CRI Advantage

CRI Advantage is an information technology company that provides IT solutions and services. The company was founded in 1988 and is headquartered in Reston, Virginia. CRI Advantage provides a range of IT services, including software development, data analytics, cloud computing, cybersecurity, and other services. CRI Advantage serves clients in the federal government, state and local government, and commercial sectors. CRI Advantage is a privately held company.
Learn more about CRI Advantage
Size
200 employees
Industry
Founded
1988

Similar Jobs

More Jobs at CRI Advantage

  • CRI Advantage
    Firewall Engineer
    $85K — $110K *
    Idaho Falls, ID 83401 (Bonneville County)
    Information Technology
    In-Person

More Information Technology Jobs

Find similar Firewall Engineer jobs: