Senior Firewall Administrator

The contractor shall provide IT Infrastructure support services, which includes Tier 1 Help Desk, Tier 2 End User Support, Tier 3 Server, Platform, and Network Infrastructure Support and Engineering. Services shall include, but are not limited to, technical assistance for hardware, software, and network issues; incident and problem resolution; service request management; infrastructure monitoring and support; hardware and software lifecycle support; and management of escalation across all tiers.

Position Description: Responsible for managing and maintaining the organization's (currently PaloAlto based) firewall infrastructure. This role involves overseeing the deployment, configuration, and support of PaloAlto firewall devices, ensuring optimal performance, security, and availability. This position requires strong knowledge of PaloAlto firewall technologies, excellent troubleshooting skills, and familiarity with network security solutions.

* Monitoring and optimizing the performance of the network, ensuring efficient resource allocation and minimal downtime.

* Leading the installation, configuration, and maintenance of PaloAlto firewall devices as well as Cloud firewall configurations.

* Monitoring and optimizing the performance of firewall systems, ensuring efficient resource allocation and minimal downtime.

* Diagnosing and resolving complex firewall issues, including connectivity, performance, and security problems.

* Ensuring the security of the network by applying patches, updates, and security configurations to PaloAlto devices.

* Maintaining comprehensive documentation of firewall configurations, procedures, and policies.

* Working closely with other IT teams to support network security needs and integrate firewall solutions with other systems.

* Providing guidance and mentorship to junior network and firewall administrators and other IT staff.

Required Skills:

* Bachelor's degree in computer science, Information Systems, Engineering, or related field

* Public trust security clearance

* Firewall Administration: Expertise configuring, managing, and troubleshooting enterprise firewalls (e.g., Palo Alto, Cisco ASA/Firepower, Fortinet, Check Point, Juniper SRX).

* Network Security: Strong understanding of network security principles, including segmentation, VPNs (IPSec/SSL), NAT, ACLs, and IDS/IPS.

* Routing & Switching: Working knowledge of routing protocols (BGP, OSPF, EIGRP) and Layer 2 technologies.

* Policy Management: Ability to design, implement, and optimize security policies, objects, and rulesets while maintaining compliance and minimizing overlap/conflicts.

* Security Monitoring & Incident Response: Experience with log analysis, packet captures, and network traffic inspection for threat identification and remediation.

* SIEM Integration: Familiarity with tools like Splunk, QRadar, or ELK for centralized event monitoring and alert correlation.

* Operating Systems: Proficiency in administering Linux/Unix and Windows Server environments.

* Change Management: Experience following structured change control processes and documentation in ITIL or ISO environments.

* Scripting & Automation: Basic to intermediate scripting (Python, PowerShell, or Bash) for automating configuration or monitoring tasks.

* Documentation: Ability to create and maintain detailed network diagrams, firewall rule documentation, and standard operating procedures.

Preferred Skills:

* A PaloAlto Networks Certified Network Security Engineer (PCNSE) certification is preferred.

* Cloud Security: Experience with cloud firewalls and network security configurations in AWS, Azure, or Google Cloud.

* Next-Gen Firewall (NGFW) Technologies: Advanced knowledge of threat prevention, URL filtering, SSL decryption, application control, and user-ID mapping.

* Zero Trust Architecture: Understanding of zero trust principles and micro segmentation strategies.

* Network Access Control (NAC): Experience integrating firewalls with NAC solutions (e.g., Cisco ISE, Aruba ClearPass).

* Load Balancing & Proxy Technologies: Familiarity with F5, Citrix Netscaler, or reverse proxy systems.

* Certifications: Palo Alto Networks Certified Network Security Engineer (PCNSE) Cisco Certified Network Professional - Security (CCNP Security) Fortinet NSE 4-7 CompTIA Security+ / CySA+ / CASP+ Certified Information Systems Security Professional (CISSP) or equivalent

* Experience in Regulated Environments: Understanding of compliance requirements (FISMA, FedRAMP, NIST 800-53, PCI-DSS, HIPAA).

Soft Skills:

* Organizational Skills: Can plan and prioritize work. Follow tasks to their logical conclusion and makes sure that everything has been done to the right standard. Good attention to detail.

* Teamwork: Able to enthuse and maintain project interest. Comfortable working both individually and as part of a team. Prepared to challenge ideas within a group in a constructive way.

* Communications: Ability to communicate clearly and efficiently to team members and clients, verbally and in writing. Able to present ideas in a variety of ways depending upon audience and context. Excellent active listening skills.

* Quantitative Management: Ability to determine process measures and track to determine process effectiveness and efficiency.

* Results oriented: Able to drive things forward regardless of personal interest in the task.

SES provides a competitive salary and the following benefits:

• Medical
• Dental
• Vision
• AD&D
• STD
• LTD
• Company paid Life Insurance
• 401k with employer contribution
• Paid Time Off
• Pet Insurance