Join our team in Elma, NY, as a Network Security Engineer and play a crucial role in safeguarding our network infrastructure. We are seeking a professional with strong expertise in firewall hardening, policy design, and network security operations. This position is pivotal in analyzing project requests and translating them into effective firewall rules and policy configurations. You'll coordinate with project stakeholders to ensure security requirements are met and implemented correctly. Experience with Palo Alto & Tufin for firewall policy management is highly desirable, and additional experience in designing and implementing network segmentation strategies is a strong advantage.
Key Responsibilities- Design, implement, and maintain secure firewall policies aligned with business and security requirements
- Perform firewall hardening activities, including rulebase optimization, risk reduction, and compliance alignment
- Analyze incoming project and business requests, translating them into well-defined firewall rules and security policies
- Collaborate with project managers, network engineers, and security teams to ensure requirements are accurately implemented
- Conduct impact analysis and risk assessments for proposed firewall changes
- Manage firewall policy changes through established change control processes
- Monitor and troubleshoot firewall-related issues, ensuring high availability and performance
- Maintain documentation for firewall rules, configurations, and design standards
Required Experience & Skills- 5-8 years of experience in network security engineering
- Strong hands-on experience with Palo Alto Networks firewalls (PAN-OS)
- Deep understanding of firewall rulebases, NAT policies, zones, and security profiles
- Experience with firewall hardening, audit remediation, and compliance frameworks
- Proven ability to translate business requirements into technical security controls
- Strong analytical and problem-solving skills
- Experience working in structured project environments with multiple stakeholders
Preferred Skills- Experience with Tufin (or similar firewall policy orchestration tools) for rule analysis, automation, and compliance
- Experience designing and implementing network segmentation (including micro-segmentation strategies)
- Familiarity with cloud security (AWS, Azure) and hybrid network environments
- Knowledge of zero trust architecture principles
Certifications (Preferred/Desired)- Palo Alto Networks Certified Network Security Engineer (PCNSE) - strongly preferred
- Palo Alto Networks Certified Network Security Administrator (PCNSA)
- CISSP, CISM, or equivalent security certification (nice to have)
- Relevant networking certifications such as CCNP Security or equivalent
Additional Requirements- Strong communication skills with the ability to work across technical and non-technical teams
- Ability to work independently and manage multiple priorities in a fast-paced environment
- Experience in regulated environments or with security compliance standards is a plus
