Security Engineer (Palo Alto)
Existing client is looking for a Security Engineer with Palo Alto experience to support a federal government agency in Atlanta, GA. This is a full time, direct hire position and requires an active DOD Secret clearance.
This role will require implementing, supporting, and securing Firewall technology within the enterprise.
- Knowledge of technology transformation for Firewalls, VPN, and IDS/IPS
- Keep Firewalls current within environment, including Threat and URL filtering content.
- Introduce routine backup process for firewalls within environment
- Setup, Configure, and Maintain Firewalls specifically Palo Alto
- Maintain new standup of firewalls in the environment as required
- Assist with strategic development of Policy Rules, NATS, and Security profiles on firewalls using Panorama
- Help implement Network Security policies
- Ability to run pcap wireshark traces, and tcpdumps.
- Ability to create Firewall rules based on Layer 7 applications
- Understand how to monitor, secure, and communicate on network vulnerabilities and attack vectors.
- Ensure proper audit trails are configured for centralized logging.
- Knowledge of Gigamon, Palo Alto Firewalls, FireEye, Sourcefire, Lancope StealthWatch, HP TippingPoint, or RSA NetWitness security tools
- Detail oriented and ability to multi-task in highly dynamic environment.
- Ability to work independently or with minimum supervision.
- Experienced in providing day-to-day operational support.
- B.A. or B.S. Degree in CS, Engineering or related Field.
- In lieu of degree 5 additional years of experience.
- 5+ years’ experience hands-on firewall administration with Palo Alto
- Palo Alto Certified Network Security Engineer (CNSE or ACE) highly desired
- CompTIA Network+ or equivalent preferred
- Certified Information Systems Security Professional (CISSP) a plus
- Check Point Certification (CCSA, CCSE, CCMSE, etc.) a plus
- Hands-on implementation and troubleshooting of Palo Alto Networks firewalls
- Understanding of commonly used protocols and services (e.g. SSL, TCP/UDP, HTTP, FTP/SFTP, NTP, Telnet, NFS, SSH, LDAP, etc.)
- Understanding of DNS architecture
- Understanding of networking hardware; routers, switches, and load-balancers (e.g. Cisco)
- Strong written and verbal communication skills with the ability to create and present concepts and recommendations to management
additional notes: Must have a current secret clearance;
Broad range of Security LAN/WAN and desktop knowledge