Palo Alto Engineer

December 17, 2024
Apply Now

Job Description

Palo Alto Engineer

PRIMARY RESPONSIBILITIES:

  • Identify and remediate misconfigurations, conflicting rules, security gaps, firewall and load balancer security issues, optimize rule-sets, and enhance the overall security posture and performance of Firewalls and Load Balancers
  • Provide Tier 3 support to members of the operations network administrations.
  • Maintain all HW and SW components at vendor supported levels.
  • Support mission-critical Continuity of Operations (COOP).
  • Conduct a minimum of two (2) assessment of firewall each month on CESO and customer devices and generate assessment reports and provide recommendations for improvements.
  • Support the creation of network device performance and traffic utilization monthly reports.
  • Develop and/or participate in After Action Reports (AARs)
  • Provide expert advice and direction regarding the management and operation of all Palo Alto devices in the DISA CESO enterprise architecture.
  • Interact with the customer point of contact to set objectives/goals based on Palo Alto Networks technologies and available technology roadmap for architecture and design discussions.
  • Evaluate current technologies and processes associated with DISA CESO to identify gaps.
  • Provide requirements and strategies for future cybersecurity operations.
  • Active participant in meetings with DISA CESO and mission partner working groups.
  • Adhere to applicable DOD STIGs, DISA applicable orders, and JSIG policy, guidelines, and regulations.

Qualifications:

  • Bachelor’s degree and 12+ years of directly relevant experience. Add’l experience may be considered in lieu of degree.
  • 10+ years of hands-on Cisco / Palo Alto Firewall experience in both engineering and Operations and maintenance roles.
  • Strong knowledge of Palo Alto concepts and best practices:
    • Panorama Installation
    • Panorama HA Config
    • Panorama Template and Template Stacks
    • Panorama Policy creation and push to group of Firewalls and Verify Push
    • Palo Alto Route configuration
    • Palo Alto IPSec Site to Site VPN Config and Troubleshooting
    • Palo Alto VM in AWS
    • Palo Alto IPS Configuration
    • Palo Alto Virtual Router / Systems
    • Palo Alto Firewall HA
  • Experience working in a high op-temp, Top Secret environment.
  • Candidate must possess an active DOD Top Secret level security clearance, and be eligible to obtain and maintain a TS/SCI
  • Candidate must be willing to take and maintain a CI/Poly
  • 8570 IAT Level II Baseline Certification (e.g. CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)