5-7 years of direct firewall experience, including 3+ years with Cisco ASA.
Proficient in planning, design, and troubleshooting of network systems.
Hands-on experience managing configurations and upgrades for Palo Alto NGFWs.
Strong understanding of routing, switching technology, IP, and signaling.
Familiar with ITIL framework and able to create/read packet captures.
Excellent communication and documentation skills.
Responsibilities
Administer production firewall support for project and operational needs.
Troubleshoot firewall issues for application/development teams.
Lead analysis, troubleshooting, and resolution of network incidents.
Manage operations and data communication systems, including LANs/WANs.
Conduct research on emerging network and communication technology.
Design application data flows for application and system functionality.
Implement firewall rule sets for secure data flows.
Benefits
Collaborative work environment with IT specialists and engineers.
Engagement with application developers and cybersecurity analysts.
Opportunities for researching and evaluating new technologies.
Flexible role interfacing with various business units and projects.
Full Job Description
Overview:
This position is for a Senior Firewall Engineer performing support for data networks, with an emphasis on administration, provisioning, and support of firewall rules and infrastructure on Palo Alto NGFW and related technologies. Some Cisco ASA firewalls, VMWare VNC, and Cisco ACI (spine/leaf) is also present in the environment.
Responsibilities:
Administers production firewall support requests for project and operational needs.
Provides troubleshooting support to application/development teams for the firewalls in our environment.
Leads efforts to analyze, troubleshoot and resolve network incidents
Responsible for operations and data communication systems, including LANs and/or WANs
Performs activities related to Network Performance, Lifecycle, Reliability and Problem Management
Researches and evaluates emerging network and communication technology
Relevant, recent and hands on experience in designing application data flows necessary for application and system functionality required
Relevant, recent and hands on experience in designing, configuring and implementing firewall rule sets to ensure data flows are appropriate and secure required
Relevant, recent and hands on experience with CISCO ASA firewalls in clusters or active/standby configurations required
Experience with routed mode, transparent mode and Vwire, as well as experience with VPNs, NAT, trunking and troubleshooting using syslog are required
Interface directly with Application Developers, Cybersecurity analysts, Business Line personnel and other Network Engineering teams to determine the application data flow design and firewall rule sets, along with implementation strategies and timelines.
Work with other project teams and project managers to implement related secure network solutions
Work with other IT Infrastructure Specialists and Engineers as well other business unit personnel that support the corporate networks and the electrical grid, gas operations, and other corporate efforts
Communicate with suppliers to develop solutions to meet the internal customer's needs
Required:
Working knowledge of the planning, design, and troubleshooting of network systems.
Working experience in managing configurations and upgrades to Palo Alto NGFW's and Panorama
7+ Years of direct firewall experience including at least 3 years of Cisco ASA experience
Working experience with Cisco networks, ASA firewall configuration
Working understanding of routing and switching technology, IP, and signaling.
Working knowledge of ITIL framework required
Ability to create and read packet captures
Strong communication and documentation skills.
Preferred:
Working knowledge of F5 Big IP, and/or Nokia MPLS routers.
Working knowledge of industry trends and products.
Solid understanding of waterfall and agile project management processes, tools and techniques.
Familiarity with Splunk for syslog searches
Education:
Bachelor's degree, preferably in engineering, mathematics, computer science, or business.
Will consider candidates without a degree if they have shown/demonstrated having 2+ years equivalent, relevant experience in tools, systems, and initiatives leveraged by client. 3+ years of relevant experience required.
Related Skills (Preferred):
Working knowledge of SSL certs.
Good understanding of application layer packet headers