Sr. Cybersecurity Engineer – Firewalls (Palo Alto)
Employment Type: Full-Time
We are currently in search of a Sr. Cybersecurity Engineer with Palo Alto Firewall experience to support the planning, design, implementation, organization and operation of a Palo Alto firewall-based perimeter security network and network security devices, including but not limited to 7000, 5000 and 3000 series firewalls. As part of the Cybersecurity Tools and Infrastructure Management group within the OCISO and Computer Security Incident Response Center (CSIRC) at HHS, your work will be key in administering firewall configurations and change requests necessary to manage data flows and protect HHS information assets from adversaries.
Responsibilities:
- Set up, configure, and maintain Palo Alto perimeter defense appliances.
- Utilize Panorama with strategic development of policies, rules, NATs, and security profiles.
- Implement network security policies.
- Monitor, secure, and communicate network vulnerabilities and attack vectors for diverse stakeholders.
- Provide extensive knowledge of Gigamon, Palo Alto Firewalls, FireEye, Sourcefire, Lancope StealthWatch, or RSA NetWitness security tools.
- Train users on the use of the tool as appropriate.
- Perform analyses of network security needs and design.
- Maintain and administer perimeter security systems such as firewalls and intrusion detection systems.
- Analyze, troubleshoot and correct network issues.
- Monitor firewalls and network systems, and identify and solve data communication problems and user performance issues; this includes understanding chronic issues causing inefficiency in operation and seeking resolution.
- Utilize network security tools and analytical skills to investigate the root cause of issues across the enterprise network.
- Analyze logs and events from the solution and supply threat analysis reports, providing input and direction as applicable.
- Schedule and run regular technical change requests (i.e. policy modifications, signature updates, security patches, major software releases).
- Work closely with the cybersecurity team to improve proactive defense posture.
- Work closely with the SIEM Engineer to maintain and enhance CSIRC/SOC alerting.
- Provide overall guidance, instruction and leadership to the cybersecurity team and client.
- Triage security infrastructure or enterprise failures as well as re-configurations.
- Maintain current knowledge of industry issues/trends and competitive network security products.
- Be a subject matter expert on network and firewall related issues.
Required Education: 5+ years experience or Masters and 3+ years, or an Associates (Technical) and 8+ years, or 10 years experience in lieu of degree.
Required Experience:
- Palo Alto Networks PAN-OS at a high level.
- In-depth knowledge and understanding of TCP/IP networking and routing.
- Common knowledge of IT architectures (including firewalls, VPNs, IDS/IPS, etc).
- Computer networking concepts and protocols, and network security methodologies.
- Risk management processes (e.g., methods for assessing and mitigating risk).
- Laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- Cybersecurity and privacy principles.
- Cyber threats and vulnerabilities.
- Specific operational impacts of cybersecurity lapses.
- Data backup and recovery.
- Host/network access control mechanisms (e.g., access control list, capabilities lists).
- Incident response and handling methodologies.
- Cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Network traffic analysis methods.
- How traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
- Packet-level analysis.
- Virtual Private Network (VPN) security.
- What constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities.
- Web filtering technologies.
- Cyber defense and information security policies, procedures, and regulations.
- Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
- Basic system, network, and OS hardening techniques.
- Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications.
- Network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
- Network traffic analysis (tools, methodologies, processes).
- Defense-in-depth principles and network security architecture.
Required Clearance: DHS Suitability (Public Trust) Clearable.
Desired Qualifications: CCSIP, CCNA-Security, EC Council C|ND, GSEC
About Aveshka:
Aveshka is a professional services firm focused on addressing our nation’s most complex threats and challenges. As a small business we’re committed to supporting our clients’ missions with services delivered by our diverse and experienced staff. With expertise in cybersecurity, emergency preparedness, and public health, our experience base spans federal, state, and local governments, as well as private sector entities.
Aveshka encourages collaborative communication and ongoing learning. Some of our benefits include:
- Extensive training programs
- Gym membership reimbursement
- Education reimbursement
- Technology benefits
- Commuter benefits
- Generous paid time off and much more!