Firewall Engineer - C2C, W2 or 1099

Duties and Responsibilities:

• Gap assessment and analysis of security solutions and recommendation of improvement initiatives.
• Implementation of scalable, redundant, and reliable firewall solutions.
• Security hardening firewall configurations.
• Configuration management and control of architectural/design/functional configuration changes to firewalls.
• Firewall brake-fix troubleshooting, root cause analysis, and support.
• Firewall patch/upgrade monitoring, reviews, maintenance scheduling and deployment.
• Management of firewall operational and security audits logs.
• Definition, development, and configuration of firewall security and operational alerts, dashboards, and reporting.
• Monitoring firewall operational and security alerts and dashboards.
• Defining, implementing, and monitoring process/procedures for maintaining the lifecycle firewall policies and rules.
• Configuration, maintenance, and support of additional firewall services such as URL filtering, Malware Sandboxing Analysis, Threat Intelligence Feeds, Threat Prevention, User ID etc.
• Provide firewall log correlation support for emerging and retroactive security incident investigations.
• Support the integration with other security tools such IDS/IPS, SIEM, NACs, VPN etc.
• Define requirements and develop roles-based Standard Operating Procedure (SOPs) documents.

Education and Years of Experience:

• At least ten (10) years of hands-on experience in Network Engineering/Architecture.
• At least five (5) years of Team & Technical Lead experience on system management /deployment projects.
• At least five (5) years of progressive hands-on experience in architecture, design, implementation, support of firewall technologies.
• Bachelor's degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering or related scientific or technical discipline.

Required Skills/Certifications:

• Must have current Palo Alto Networks Certified Network Security Engineer (PCNSE) certification or hands-on experience implementing Palo Alto Advanced/NextGen features to include App-ID, User-ID, Content-ID, URL Filtering, Threat Prevention, WildFire, Virtual Wire, Virtual System (VSys), Global Protect, NAT Policies, Security Profiles, Inbound SSL Decryption, Outbound SSL Decryption (SSL Forward Proxy), File Blocking, and Data Filtering
• Hand-on experience with Palo Alto Panorama for centralized management of PANOS firewalls
• Self-starter, able to gather requirements, plan, execute firewall architecting and deployment efforts.
• Able to perform gap analysis and initiate and execute architectural improvements.
• Strong demonstrated experience with network security architecture, design, and implementation best-practices i.e., Defense-in-depth architecture, knowledge of emerging Zero Trust architecture.
• Hands-on experience with firewall architecture, design, and implementation.
• Hands-on experience with operational and security hardening configuration for firewall solutions.
• Hands-on experience with configuration management and change control for firewall solutions.
• Demonstrated experience with networking and switching protocols and infrastructure services, able to troubleshoot and identify DNS, DHCP, WiFi protocols, NTP, SNMP, routing, switching, and firewall issues affecting connectivity of applications and services.
• Must have working knowledge and understanding of network infrastructure components such as Routers, Switches, IDS, IPS, NAC, VPN Gateways, Wireless APs etc.
• Customer-oriented with excellent issue follow-through and resolution abilities.
• Outstanding leadership and organizational skills.
• Utilize tools and analytical skills to plan and execute technical changes.
• Excellent written and oral communication, and presentation skills.
• Ability to effectively work both autonomously as well as on a team.
• Outstanding interpersonal skills, strong work ethic, self-motivated and excellent presentation skills.

Desired Skills/Certifications:

• Hands-on experience with Juniper firewalls
• CISSP, CompTIA Security +, CCNA/CCNP Security, Juniper JNCIP-SEC or relevant industry security certifications
• Cisco CCNA or CompTIA Network + or relevant networking industry certifications
• Experience in project task technical analysis, planning, and estimation
• Experience with technology capabilities market research, technical analysis/review, and recommendation