Today
Public Trust
Unspecified
Unspecified
Business - Support
Arlington, VA (On-Site/Office)
About the Opportunity
The Network Security Engineer role requires extensive Palo Alto Panorama, Firewalls, and Global Protect experience, along with extensive networking experience. Palo Alto Prisma Access and Zero Trust Network Access knowledge and experience are highly desired . A Network Security Engineer is responsible for providing architectural, technical, and problem resolution support for a Federal Agency network and security infrastructure that promotes a secure and scalable environment that aligns with the security requirements of our customer.
A Network Security Engineer also focuses on both the short-term and the long-term strategy, recommends technology solutions and improvements to the network and security-related environments and is also responsible for delivering clear, concise, timely communications that promote confidence in our team's ability to deliver operational excellence. They also perform Tier III "Build and Run" activities across multiple network and security environments, and review and recommend configuration changes, as needed.
The day-to-day responsibilities include the design, implementation, operations, troubleshooting, and resolution activities across multiple domains. They may be required to participate in system upgrades, deployments, and enhancements while focusing on delivery objectives, critical issues, and policy adherence. All Network Security Team members periodically work after hours to support system outages and critical infrastructure upgrades. This position may also require an on-site presence one or more days per week.
Qualifications
#LI-JL1
Education:
Experience:
Required Skills:
Desired Skills and Abilities:
Location: Arlington, VA / Dallas, TX
The Network Security Engineer role requires extensive Palo Alto Panorama, Firewalls, and Global Protect experience, along with extensive networking experience. Palo Alto Prisma Access and Zero Trust Network Access knowledge and experience are highly desired . A Network Security Engineer is responsible for providing architectural, technical, and problem resolution support for a Federal Agency network and security infrastructure that promotes a secure and scalable environment that aligns with the security requirements of our customer.
A Network Security Engineer also focuses on both the short-term and the long-term strategy, recommends technology solutions and improvements to the network and security-related environments and is also responsible for delivering clear, concise, timely communications that promote confidence in our team's ability to deliver operational excellence. They also perform Tier III "Build and Run" activities across multiple network and security environments, and review and recommend configuration changes, as needed.
The day-to-day responsibilities include the design, implementation, operations, troubleshooting, and resolution activities across multiple domains. They may be required to participate in system upgrades, deployments, and enhancements while focusing on delivery objectives, critical issues, and policy adherence. All Network Security Team members periodically work after hours to support system outages and critical infrastructure upgrades. This position may also require an on-site presence one or more days per week.
Qualifications
#LI-JL1
Education:
- BS Degree in Computer Science or Engineering, or equivalent work experience (required)
Experience:
- 10+ years of relevant technical Network/Security Engineering experience (required)
- Certifications: Desire three or more of the following: CCNP, CCDP, CCSP, CISSP, OSCP, PCNSE, PCNSA, ITIL
Required Skills:
- Extensive experience with Palo Alto Firewalls (ex: 3200 and 5200/5400/5600 series)
- Extensive experience with Palo Alto Panorama 9.x and above
- Extensive experience with Palo Alto Global Protect
- Extensive experience with Palo Alto Firewall Threat Protection, URL filtering, and other similar security features
- Extensive experience with decryption/TLS/Security Profiles/PKI and deep understanding of PCAPS
- Extensive experience with application-based traffic and designing solutions for Firewalling (Internal/Perimeter/External)
- Experience with Palo Alto Prisma Access-based Infrastructure, supporting multiple Data Centers and numerous offices
Desired Skills and Abilities:
- Vendor hardware and software support, such as Cisco, Juniper, Palo Alto, and others
- Data Center, WAN, LAN, WLAN, Firewall, and Load Balancer systems and support
- Analysis and forensic tools, along with effective troubleshooting of ingress/egress and zoned traffic
- Azure Infrastructure and understanding Azure VNETs, Routing, and Firewalling
- Microsoft Entra ID and SAML authentication
- Laptop setup and configurations
- Implementing ZTNA with an understanding of all integration points of the ZT pillars, such as endpoint, identity, and workloads
- Developing ZT security policies that incorporate telemetry from identity systems, endpoints, and external management systems
- Whitelisting IP space for various project teams to access external vendors and to ensure safe and secure connectivity
- Creating Zones and Policies for various network segments and troubleshooting connectivity across Security Zones
- Work with internal applications teams, design, and implement an appropriate ZTNA program with PA Prisma Access
- Develop documents that describe design, security controls, and operational manuals
- Develop and participate in internal and external testing of applicable applications to ensure that sufficient security is in place
- Effective time management and organizational skills, and ability to translate technical issues for business users
- Work independently as well as in a team environment with effective interpersonal communication skills
- Analytical, communication, and problem-solving skills
- Support InfoSec Standards and Best Practices
- Thrives in a fast-paced environment and looks for ways to do things more effectively (Current Mode/Future Mode)
Location: Arlington, VA / Dallas, TX
group id: 10177962
