Posted today
Secret
Unspecified
Unspecified
IT - Hardware
Washington, DC (On-Site/Office)
ABOUT PRISM:
PRISM is devoted to modernization and innovation within the world of technology, security, and IT enterprise solutions. We are recognized for meeting performance requirements and exceeding customer expectations since 1994. Our culture is founded on relationships, opportunity, and success. Offering comprehensive benefit plans including medical, dental, vision, and 401K along with our people - first approach sustains our reputation as a premier employer.
PRISM Inc. is seeking a Palo Alto Networks Firewall Administrator to support a mission-critical organization in operating, optimizing, and securing next-generation firewall (NGFW) capabilities. This role focuses on policy lifecycle management, rule optimization, and block implementation, ensuring configurations meet security and compliance requirements, and implementing directives in a mission environment.
KEY RESPONSIBILITIES:
Administer and support Palo Alto Networks NGFWs in production environments. This includes creating, maintaining, and analyzing Palo Alto Networks' NGFW traffic reports to support internal security analysis and operational decision-making.
Manage centralized configuration and operations using Panorama (templates, device groups, policy push, commits, and upgrades as applicable).
Create, maintain, and document policy-based security rules, including lifecycle ownership (request intake, analysis, implementation, validation, and periodic review).
Perform rule optimization (cleanup, consolidation, shadowed/unused rule remediation, recertification support, and performance-aware tuning).
Implement blocks and directives (e.g., mandated deny policies, emergency blocks, and governance-driven changes) with clear validation and rollback planning.
Build and maintain rules leveraging App-ID, including application-based segmentation and least-privilege access patterns. This also includes converting legacy firewall rulesets to App-ID rulesets in order to improve visibility, control, modernization, and effectiveness.
Develop, tune, and maintain Palo Alto Networks security profiles to balance production traffic requirements with organizational risk tolerance.
Ensure firewall configurations align with security requirements (hardening, logging standards, auditing, and control evidence as required). Recommend/implement changes if intended requirements/security outcomes are not met.
Troubleshoot traffic and policy behavior using logs and tools (e.g., Traffic logs, Threat logs, URL logs; policy match reasoning; session troubleshooting). Maintain and manager URL and IP whitelists/blacklists based on threat intelligence, security reports, and organizational needs.
Partner with security operations, network teams, and stakeholders to support change management, incident response, and continuous improvement.
Maintain accurate documentation (network/security diagrams as needed, rule justification, standard operating procedures, and change records).
REQUIRED QUALIFICATIONS (EDUCATION/SKILLS):
At least 5 years of experience with hands-on administration of Palo Alto Networks firewalls in an enterprise environment. Additional networking experience outside of Palo Alto does not count toward this requirement, but it is beneficial/preferred.
8570-8140 Compliant IAT II (CompTIA Security +CE or similar)
Demonstrated experience with Panorama administration and centralized policy management.
Strong working knowledge of App-ID and designing/enforcing application-based rules.
Proven ability to execute rule optimization and implement/validate deny blocks and operational directives.
Experience developing and maintaining policy-based rules aligned to security requirements and audit expectations.\
Familiarity with firewall concepts: zones, routing, NAT, security profiles, SSL decryption (if applicable), URL filtering, logging/monitoring, and change control.
Ability to write clear technical documentation and communicate risk/impact to stakeholders, management, peers, and junior staff.
Familiarity with Oracle Cloud Infrastructure (OCI)
REQUIRED SECURITY CLEARANCES:
Active DoD Secret clearance
PREFERRED QUALIFICATIONS:
Palo Alto certifications (e.g., PCNSA/PCNSE)
A background in Agile teaming and practical Jira use is preferred.
PRISM is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
PRISM is devoted to modernization and innovation within the world of technology, security, and IT enterprise solutions. We are recognized for meeting performance requirements and exceeding customer expectations since 1994. Our culture is founded on relationships, opportunity, and success. Offering comprehensive benefit plans including medical, dental, vision, and 401K along with our people - first approach sustains our reputation as a premier employer.
PRISM Inc. is seeking a Palo Alto Networks Firewall Administrator to support a mission-critical organization in operating, optimizing, and securing next-generation firewall (NGFW) capabilities. This role focuses on policy lifecycle management, rule optimization, and block implementation, ensuring configurations meet security and compliance requirements, and implementing directives in a mission environment.
KEY RESPONSIBILITIES:
Administer and support Palo Alto Networks NGFWs in production environments. This includes creating, maintaining, and analyzing Palo Alto Networks' NGFW traffic reports to support internal security analysis and operational decision-making.
Manage centralized configuration and operations using Panorama (templates, device groups, policy push, commits, and upgrades as applicable).
Create, maintain, and document policy-based security rules, including lifecycle ownership (request intake, analysis, implementation, validation, and periodic review).
Perform rule optimization (cleanup, consolidation, shadowed/unused rule remediation, recertification support, and performance-aware tuning).
Implement blocks and directives (e.g., mandated deny policies, emergency blocks, and governance-driven changes) with clear validation and rollback planning.
Build and maintain rules leveraging App-ID, including application-based segmentation and least-privilege access patterns. This also includes converting legacy firewall rulesets to App-ID rulesets in order to improve visibility, control, modernization, and effectiveness.
Develop, tune, and maintain Palo Alto Networks security profiles to balance production traffic requirements with organizational risk tolerance.
Ensure firewall configurations align with security requirements (hardening, logging standards, auditing, and control evidence as required). Recommend/implement changes if intended requirements/security outcomes are not met.
Troubleshoot traffic and policy behavior using logs and tools (e.g., Traffic logs, Threat logs, URL logs; policy match reasoning; session troubleshooting). Maintain and manager URL and IP whitelists/blacklists based on threat intelligence, security reports, and organizational needs.
Partner with security operations, network teams, and stakeholders to support change management, incident response, and continuous improvement.
Maintain accurate documentation (network/security diagrams as needed, rule justification, standard operating procedures, and change records).
REQUIRED QUALIFICATIONS (EDUCATION/SKILLS):
At least 5 years of experience with hands-on administration of Palo Alto Networks firewalls in an enterprise environment. Additional networking experience outside of Palo Alto does not count toward this requirement, but it is beneficial/preferred.
8570-8140 Compliant IAT II (CompTIA Security +CE or similar)
Demonstrated experience with Panorama administration and centralized policy management.
Strong working knowledge of App-ID and designing/enforcing application-based rules.
Proven ability to execute rule optimization and implement/validate deny blocks and operational directives.
Experience developing and maintaining policy-based rules aligned to security requirements and audit expectations.\
Familiarity with firewall concepts: zones, routing, NAT, security profiles, SSL decryption (if applicable), URL filtering, logging/monitoring, and change control.
Ability to write clear technical documentation and communicate risk/impact to stakeholders, management, peers, and junior staff.
Familiarity with Oracle Cloud Infrastructure (OCI)
REQUIRED SECURITY CLEARANCES:
Active DoD Secret clearance
PREFERRED QUALIFICATIONS:
Palo Alto certifications (e.g., PCNSA/PCNSE)
A background in Agile teaming and practical Jira use is preferred.
PRISM is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
group id: PRISMVA
N
