Arlington, VA, US
69 days ago
Palo Alto Security Firewall Engineer
Palo Alto Security Firewall Engineer Posted Date 2 hours ago(9/10/2024 3:54 PM) Job ID 2024-27230 Category Infrastructure Support Location US-VA-Arlington About DMI

DMI is a leading global provider of digital services working at the intersection of public and private sectors. With broad capabilities across IT managed services, cybersecurity, cloud migration and application development, DMI provides on-site and remote support to clients within governments, healthcare, financial services, transportation, manufacturing, and other critical infrastructure sectors. DMI has grown to over 2,100+ employees globally and has been continually recognized as a Top Workplace in both regional and national categories.

About the Opportunity

The Security Firewall Engineer – Level II role requires extensive Palo Alto and network experience, along with extensive networking experience. A Network Security Engineer is responsible for providing architectural, technical, and problem resolution support for the FDIC network and security infrastructure that promotes a secure and scalable environment that align to the security requirements of our customer.

 

A Security Firewall Engineer also focuses on both the short-term and the long-term strategy, recommends technology solutions and improvements to the network and security related environments and is also responsible for delivering clear, concise, timely communications that promote confidence in our team’s ability to deliver operational excellence. They also perform Tier III “Build and Run” activities across multiple network related security environments, and review and recommends configuration changes, as needed.

 

The day-to-day responsibilities include the design, implementation, operations, trouble shooting, and resolution activities across multiple domains. They may be required to participate in system upgrades, deployments, and enhancements, while focusing on delivery objectives, critical issues, and policy adherence. All Network Security Team members periodically work after hours to support systems outage and critical infrastructure upgrades. This position may also require an on-site presence one, or more, days per week. 

 

Qualifications Education:                       BS Degree in Computer Science or Engineering, or equivalent work experience (required)

Experience:                      

10+ years of relevant technical Security Engineering or Network Engineering/Security Engineering experience (required)Certifications: Desire two, or more, of the following: CCNP, CCDP, CCSP, CISSP, OSCP, PCNSE, PCNSA, ITIL, or other related certs

Required Skills:

Extensive experience with Palo Alto Firewall appliances (3000/3200/5200/5400) and VM-500 cloud deployments Extensive experience with Palo Alto Panorama 10.x or 11.x Extensive experience with troubleshooting from keyboard to cloud and from hardware/driver to layer 7 application issuesExtensive experience with maintaining and improving Operational Security Fundamental understanding of SMTP and SMTP related security mechanisms Fundamental understanding of threat/anti-virus/anti-spyware/URL-filtering/decryption profiles and fine tuning for .GOV’sFundamental understanding of networking from physical to dynamic routing protocolsExtensive experience with decryption/TLS/Security Profiles/PKI and deep understanding of PCAPSExtensive experience with application-based traffic and designing solutions for Firewalling (Internal/Perimeter/External)Experience with hybrid cloud environments and end to end application delivery and supportExtensive experience supporting multiple Data Centers and geographically dispersed officesContinuous learner with a focus on the latest network security related developments in the field

 

Desired Skills and Abilities:            

Vendor hardware and software support, such as Cisco, Juniper, Palo Alto, Trellix/FireEye, and othersData Center, Network, Firewall, and Email quarantine systems and supportAnalysis and forensic tools, along with effectively troubleshooting ingress/egress and zoned trafficAzure Infrastructure and understanding Azure VNET’s, Routing and FirewallingOperating within and Supporting a FIPS environment Developing security policies that incorporate data from identity systems, endpoints, and external management systemsWhitelisting IP space for various project teams to access external vendors and to ensure safe and secure connectivityCreating Zones and Policies for various network segments and troubleshooting connectivity across Security ZonesWork with internal applications teams, design, and implementation teams on application level securityDevelop documents that describe design, security controls, and operational manualsDevelop and participate in internal/external testing of applicable applications to ensure that sufficient security in in place ​Effective time management and organizational skills and ability to translate technical issues for business usersWork independently as well as in a team environment with effective interpersonal communication skillsAnalytical, communications, and problem solving skillsSupport InfoSec Standards and Best PracticesThrives in a fast-paced environment and looks for ways to do things more effectively (Current Mode/Future Mode)

Location: Arlington, VA (1st choice) or Dallas, TX (2nd choice)

 

Physical Requirements:  N/A

 

US Citizenship Required

#LI-JS3

 

Employees are valued for their talents and contributions. We all take pride in helping our customers achieve their goals, which in turn contributes to the overall success of the company. The company does and will take affirmative action to employ and advance in employment individuals with disabilities and protected veterans, and to treat qualified individuals without discrimination based on their physical or mental disability or veteran status. DMI is an Equal Opportunity Employer Minority/Female/Veterans/Disability. DMI maintains a drug-free workplace.

 

***************** No Agencies Please *****************

 

Applicants selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information. US citizenship may be required for some positions.

Connect With Us! Not ready to apply? Connect with us for general consideration.
Confirm your E-mail: Send Email