Job Description

Role: Firewall Engineer with Palo Alto Cisco ASA

Location: NYC NY

Setting: Hybrid - 4 onsite / 1 Day Remote

Who are we looking for

We are looking for a highly skilled and experienced Firewall Engineer with deep expertise in Palo Alto Cisco ASA and Cisco Firepower Threat Defense (FTD) firewalls along with hands-on experience in firewall automation and network security design. The ideal candidate will have a proven track record in designing implementing troubleshooting and managing complex enterprise firewall infrastructures preferably within large financial organizations. The candidate should be passionate about network security automation and operational excellence with a strong understanding of enterprise-grade architectures segmentation and compliance-driven environments.

Indicative Activities:

• Lead the design configuration and deployment of firewall solutions across enterprise and data center environments.
• Perform firewall rule analysis optimization and migration for large-scale network and security transformation projects.
• Design and implement segmentation VPNs and advanced security policies in alignment with compliance and audit requirements.
• Manage and support Palo Alto NGFWs Cisco ASA and Cisco Firepower Threat Defense (FTD) platforms.
• Develop and maintain firewall automation frameworks to streamline policy deployments rule reviews and reporting.
• Conduct firewall refresh and migration projects (e.g. ASA to FTD or legacy to Palo Alto).
• Collaborate with security architecture and network teams to ensure consistent and secure designs across hybrid and on-prem environments.
• Provide tier-3 escalation support for complex firewall and network security incidents.
• Maintain detailed documentation of configurations network diagrams and change management logs.
• Participate in security audits vulnerability remediation and compliance assessments.
• Coordinate with vendors (Palo Alto Cisco etc.) for TAC escalations bug fixes and platform upgrades.
  
  

Technical Skills:

Must Have

• Strong hands-on experience with Palo Alto Networks Firewalls (physical and virtual) including:
• Security policies NAT VPN (site-to-site & remote) App-ID User-ID Threat & URL Filtering.
• Panorama centralized management.
• Experience with dynamic routing (BGP/OSPF) and virtual systems.
• Expert-level experience with Cisco ASA and Cisco Firepower Threat Defense (FTD) platforms including:
• Access control policies NAT VPNs and cluster/high-availability configurations.
• Cisco FMC (Firepower Management Center) operations and troubleshooting.
• Proven expertise in firewall automation and scripting (Python Ansible REST API integrations).
• Strong understanding of network security architectures including segmentation zero trust and micro-segmentation principles.
• Solid grasp of networking fundamentals TCP/IP VLANs routing switching DNS DHCP and IP addressing.
• Experience working in large enterprise or financial environments with strict security and compliance requirements.
• Demonstrated ability to handle large-scale firewall refresh/migration projects end-to-end.

Good To Have

• Experience with F5 load balancers (LTM/GTM configuration and troubleshooting).
• Knowledge of Cisco routing and switching (Catalyst/Nexus platforms).
• Familiarity with SIEM IDS/IPS and network monitoring tools (Splunk SolarWinds etc.).
• Exposure to cloud-based firewalls and integrations (Palo Alto Prisma Cisco Secure Cloud Analytics).
• Understanding of SD-WAN Network Access Control (NAC) and Zero Trust architectures.
• Experience in security compliance frameworks (PCI-DSS ISO 27001 SOC2).

Process Skills:

• Strong understanding of ITIL processes including Change Incident and Problem Management.
• Ability to create and maintain technical documentation SOPs and runbooks.
• Proven track record of managing firewall lifecycle including upgrades patches and migrations.
• Skilled in capacity planning performance analysis and proactive issue prevention.
• Familiarity with change control and risk assessment in production environments.
• Ability to perform peer review and governance of firewall policies and configurations.

Behavioral Skills:

• Strong analytical and troubleshooting skills capable of resolving complex issues independently.
• Excellent communication and documentation abilities-able to translate technical findings into clear reports.
• Highly detail-oriented organized and disciplined in operational execution.
• Demonstrated leadership and mentoring capabilities for junior engineers.
• Ability to work effectively under pressure in high-availability mission-critical environments.
• Collaborative mindset with a focus on teamwork accountability and continuous improvement

Qualification :

• Professional with a minimum of 10 years of experience in firewall engineering roles.
• Bachelors degree in computer science Information Technology or a related field.
• Relevant certifications preferred:
• Palo Alto Networks PCNSE / PCNSA
• Cisco CCNP Security / CCIE Security
• Cisco Firepower Certification (FTD/FMC)
• F5-CA or F5-CTS (optional).
• Experience working in regulated enterprise or financial institutions is highly desirable.

Job Tags

Full time, Remote work,

Similar Jobs