L2/L3 Security & Firewall Engineer

Job Description

L / L engineering capability as related to cybersecurity design / architecture covering data, voice and

cloud to support strategy and business requirements for perimeter security, compliance, resilience,

recovery, capacity and access. This incorporates all aspects of the communications infrastructure

including internal and external, mobile, public, private, cloud, intranet and data centers.

Current Environment

• Multiple data centers and + office locations.
• Palo Alto Firewalls + Panorama, and FortiNet FortiGate Firewalls + FortiManager / FortiAnalyzer.
• Cisco Multi-Site Datacenter ACI / SDN.
• Cisco Nexus (ACI leaf / spine & standalone), Nexus (VDC), and Nexus switches.
• Cisco ASR multigigabit routers. Advanced IP traffic engineering via BGP & OSPF routing.
• Cisco ASA (for NAC-enabled remote-access VPN), ISE, and AnyConnect VPN.
• Cisco Enterprise Wireless Controllers with + wireless-access-points.
• Site-to-Site VPN via FortiGate SDWAN and Palo Alto FWs.
• FortiNet FortiNAC for wired, wireless and RA-VPN network-access-control (NAC).
• Vivai Solutions Observer Apex, GigaStor, OMS and Analyzer.
• Cisco Unified Communications Manager, Unity Voice Mail, UCCX, ExpressWay and QoS.
• Cloud exchange peering with Amazon Web Services and Azure cloud computing platforms.
• NetScaler Load Balancers & Infoblox centralized DHCP.

Responsibilities

L / responsibility for enterprise I&O security strategy, architecture, implementation and

steady-state support.

• Functions as subject matter advisor for all aspects of firewall perimeter security.
• Produces and maintains documentation re : topologies, configuration and design.
• Assesses associated risks; specifies recovery routines and contingency procedures.

Formal Education & Certification

Bachelor's degree in Computer Science or Information Systems and years related work

experience or any equivalent combination.

Certifications in Palo Alto, FortiGate, Cisco switching / routing and related security

technologies preferred.

Knowledge and Experience

L / architect-caliber skills in Palo Alto firewall solutions and the Palo Alto Panorama

management platform.

L / architect-caliber skills with FortiNet FortiGate firewalls and the FortiNet

FortiManager / FortiAnalyzer management platform.

Proficiency with configuration and operational support of BGP routing on Palo Alto and

FortiNet firewall solutions. Troubleshooting capability in multi-platform BGP routing

environments, specifically Cisco, Palo Alto, FortiNet, AWS and Azure.

Must be very comfortable with the technical elements of network security and design, to

include datacenter-caliber clustered-FW perimeter solutions, IPSec VPNs (SS, ADVPN &

BB), TCP / IP, IPS / IDS, CASB, VoIP, load balancers, routers and switches.

Must be very comfortable with the technical elements of network security and design as

related to hybrid cloud environments, including AWS and Azure.

MUST have packet capture skills using Wireshark or other tools for packet capture, decode &

analysis.

Personal Attributes

• Excellent written, oral, and communication skills.
• Ability to conduct and direct research into IT issues and products.
• Ability to present ideas in business-friendly and user-friendly language.
• Highly self-motivated, self-directed, and attentive to detail.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.

Work Conditions

• Some travel may be required for meeting with stakeholders, network projects, etc..
• Ability to lift at least lbs for hardware equipment installations as

Our benefits package includes :

• Comprehensive medical benefits
• Competitive pay

k) retirement plan

• much more!
30+ days ago