Firewall Engineer
Onsite-Crownsville, MD
Responsibilities:
Our client is looking for a Firewall Engineer with project lead experience and hands-on engineering experience. The Firewall Engineer will be responsible for the engineering, implementation, and support of security solutions for the State of Maryland DoIT Security Operations Center (SOC) with a special focus on enterprise firewall systems. This role will be responsible for performing the following tasks:
Duties and Responsibilities: Gap assessment and analysis of security solutions and recommendation of improvement initiatives. Implementation of scalable, redundant, and reliable firewall solutions. Security hardening firewall configurations. Configuration management and control of architectural/design/functional configuration changes to firewalls. Firewall brake-fix troubleshooting, root cause analysis, and support. Firewall patch/upgrade monitoring, reviews, maintenance scheduling and deployment. Management of firewall operational and security audits logs. Definition, development, and configuration of firewall security and operational alerts, dashboards, and reporting. Monitoring firewall operational and security alerts and dashboards. Defining, implementing, and monitoring process/procedures for maintaining the lifecycle firewall policies and rules. Configuration, maintenance, and support of additional firewall services such as URL filtering, Malware Sandboxing Analysis, Threat Intelligence Feeds, Threat Prevention, User ID etc. Provide firewall log correlation support for emerging and retroactive security incident investigations. Support the integration with other security tools such IDS/IPS, SIEM, NACs, VPN etc. Define requirements and develop roles-based Standard Operating Procedure (SOPs) documents.
Qualifications:
Education and Years of Experience: At least 6-8 years of hands-on experience in Network Engineering/Architecture. At least five (5) years of technical experience in architecture, design, implementation, support of firewall technologies. Bachelor’s degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering or related scientific or technical discipline.
Required Skills/Certifications: Must have current Palo Alto Networks Certified Network Security Engineer (PCNSE) certification or hands-on experience implementing Palo Alto Advanced/NextGen features to include App-ID, User-ID, Content-ID, URL Filtering, Threat Prevention, WildFire, Virtual Wire, Virtual System (VSys), Global Protect, NAT Policies, Security Profiles, Inbound SSL Decryption, Outbound SSL Decryption (SSL Forward Proxy), File Blocking, and Data Filtering Hand-on experience with Palo Alto Panorama for centralized management of PANOS firewalls Self-starter, able to gather requirements, plan, execute firewall architecting and deployment efforts. Able to perform gap analysis and initiate and execute architectural improvements. Strong demonstrated experience with network security architecture, design, and implementation best-practices i.e., Defense-in-depth architecture, knowledge of emerging Zero Trust architecture. Hands-on experience with firewall architecture, design, and implementation. Hands-on experience with operational and security hardening configuration for firewall solutions. Hands-on experience with configuration management and change control for firewall solutions. Demonstrated experience with networking and switching protocols and infrastructure services, able to troubleshoot and identify DNS, DHCP, WiFi protocols, NTP, SNMP, routing, switching, and firewall issues affecting connectivity of applications and services. Must have working knowledge and understanding of network infrastructure components such as Routers, Switches, IDS, IPS, NAC, VPN Gateways, Wireless APs etc. Customer-oriented with excellent issue follow-through and resolution abilities. Outstanding leadership and organizational skills. Utilize tools and analytical skills to plan and execute technical changes. Excellent written and oral communication, and presentation skills. Ability to effectively work both autonomously as well as on a team. Outstanding interpersonal skills, strong work ethic, self-motivated and excellent presentation skills. Desired Skills/Certifications: Hands-on experience with Juniper firewalls CISSP, CompTIA Security +, CCNA/CCNP Security, Juniper JNCIP-SEC or relevant industry security certifications Cisco CCNA or CompTIA Network + or relevant networking industry certifications Experience in project task technical analysis, planning, and estimation Experience with technology capabilities market research, technical analysis/review, and recommendation Min. Citizenship Status Required: U.S Citizenship.
System One, and its subsidiaries including Joulé, ALTA IT Services, CM Access, and Mountain Ltd., are leaders in delivering outsourced services and workforce solutions across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan.
System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.