Task and responsibilities in this role include, but are not limited to the following:
The function of the Firewall Engineer is to implement, support and maintain all aspects related to Palo Alto, Cisco ASA and FirePower firewalls at an enterprise level along with Cisco ESA (email security appliance) on the FDIC Enterprise Network. The candidate should have solid knowledge of best current security practices, firewalls, network administration, application/web fundamentals, IP transit, routing protocols and all aspects of networking needed to support the required SLAs. Network fundamentals and firewall best practices plus troubleshooting are essential. The candidate must possess a networking background with a good understanding of switching, network routing plus skills in managing and supporting firewalls. The candidate must have strong ability to troubleshoot a variety of issues and make recommendations for system changes, as needed, to resolve all technical issues in an efficient and timely manner. (Though the position is 8-5 M-F, the role requires flexibility to support issues or planned activities after hours, weekends and holidays as needed.)
To qualify, you must meet these basic qualifications:
· Minimum of 4 years of enterprise network security experience (firewall, Intrusion Detection and Prevention (IDPs), log management/reporting solutions) · Planning and deployment of new network security systems. · Resolution of tier 2 trouble incidents for firewalls, secure e-mail gateways, email encryption technologies, intrusion prevention systems (IPS), and network forensics tools. · Communicate and support security policy, deployment, and support needs. This role must work in a team environment to manage the security posture of an enterprise network, and enforce policies by updating and configuring security devices. · Communicate the security challenges associated and provide solutions to mitigate them. · Work with other engineers on technical requirements and communicate to management. · Knowledge of routing and switching fundamentals and products is essential. · Practical experience working in complex LAN/WAN environments · Practical experience supporting Palo Alto, Cisco Firepower/Sourcefire, and/or Cisco ASA firewalls · Practical experience with Splunk or comparable logging system for troubleshooting · Ability to work with minimal supervision, set priorities, and give attention to detail and quality, flexible, strong organizational and time management skills, ability to multi-task, ability to work individually and with a team, positive attitude, self-motivated, reliable, trustworthy, strong interpersonal skills, diplomacy, and ability to handle stress in professional manner. · Excellent interpersonal skills and effective in interfacing with internal and external customers fostering collaboration and establishing strong partnerships and relationships
It would be great if you also had:
· Cisco and Juniper firewalls, routers, switches are a plus. · Practical experience supporting Cisco ESA email security appliance and FireEye is a plus · Knowledge of various operating systems and hardware (Linux, Windows). · Desired Certifications: Palo Alto Certifications, CCNP, CCNA, JNCIS-SEC, JNCIA-Junos, ITILv3, and CISSP.