About the Position:
The qualified candidate should have minimum 10+ years of security & network engineering experience working across a wide range of firewall and network services, including LAN, WAN, security, wireless, remote access, load balancing, and cloud connectivity. The candidate must also exhibit strong professional skills, including communications, self-motivated, adaptability, and dependability.
Work as a member of the Network Services team. Closely work with the team to sustain a comprehensive firewall engineering program, including providing input on policies, processes and standards for the administration, and engineering of firewalls.
- Design and execute firewall rule changes, following team standards to ensure a secure optimized firewall policy structure is maintained.
- Monitor and maintain the health of all firewalls.
- Work with project teams to engineer firewall solutions to meet security requirements and business needs.
- Maintain documentation of firewall procedures and standards.
- Work with management to identify technologies and procedures to improve operations.
- Provide support and input to team projects.
- Develop Visio drawings of security infrastructure.
Firewall engineering and administration tasks to include:
- Build and troubleshoot Site-to-Site and Client VPN connections.
- Build and edit firewall policies.
- Build and deploy firewalls.
- Patch and upgrade firewalls.
- Perform troubleshooting for firewall issues.
- Complete after hours windows.
- Provide on-call support.
- Network and cloud support.
Who are you:
- Ability to effectively prioritize and execute tasks
- Independently gather requirements and translate those into solutions
- Good temperament during stressful situations
- Highly collaborative team member
- Available to work off hours during the evenings and weekends as required, sometimes with little advanced notice. Additionally, participate in a week-long on-call rotation.
- Strong knowledge of network features and protocols such as spanning tree, TCP/IP V4/V6, SIP, ARP, CDP, EIGRP, OSPF, BGP, VTP, Etherchannel, 802.1Q trunking, MLS, HSRP, GLBP, VSS/VSL, QoS, Multicast, IPsec, RADIUS/TACACS+, SNMP, NTP, and HTTP
- Automate and network scripting.
- Experience managing security in the cloud AWS, AWS VMC and Azure environments
- Experience working in Cisco ASA, Cisco Firepower, Palo Alto, VMware NSX-T environments and managing large complex firewall policies
- Experience managing Cisco FMC and Palo Alto Panorama
- Experience with Advanced Threat Protection and features on the firewall
- Certification in firewalling such as Cisco, Palo Alto