Data Center Firewall & Network Security Engineer

About The Position

Requirements

• Experience designing, implementing, managing, and monitoring an organization’s network defenses, with a primary focus on firewalls and VPNs.
• Minimum of 8 to 10 years of experience configuring, managing, and supporting firewalls.
• Expertise in Palo Alto Networks firewalls and Panorama.
• Strong grasp of core networking technologies such as BGP, OSPF, VLANs, VXLAN, and EVPN.
• Experience designing secure, redundant failover paths across multiple geographic data centers.
• Experience securing connectivity between on‑premises data centers and AWS/Azure/GCP.
• Strong scripting/programming skills (e.g., Python, Shell, PowerShell, YAML/JSON) and experience with Infrastructure‑as‑Code or Policy‑as‑Code frameworks.
• Bachelor’s degree in Computer Science, Electrical/Computer Engineering, Information Security, or Information Systems; a Master’s degree is preferred.

Nice To Haves

• PCNSE, NSE 4–8, CCNP Security, or CISSP certifications preferred.
• Experience with IDS/IPS, SSL/TLS decryption, WAF, and DDoS mitigation.

Responsibilities

• Architectural Design: Design and deploy scalable, high‑availability security solutions (firewalls, VPNs) in a multi‑tenant or data center environment.
• Policy Management: Create, audit, and optimize complex firewall rule sets to enforce the principle of least privilege.
• Zero Trust & Segmentation: Implement micro‑segmentation strategies to prevent lateral movement within the data center.
• Threat Mitigation: Monitor for security breaches and investigate network‑level anomalies using SIEM tools and packet analysis.
• Performance Tuning: Manage high‑throughput traffic flows (100G+ environments) and ensure that security inspection does not create bottlenecks.
• Automation: Utilize Python, Ansible, or Terraform to automate repetitive security tasks and support Infrastructure‑as‑Code (IaC) deployments.
• Operations and Management: Operations and Management: software upgrades, vulnerability response, vendor coordination, debugging and mitigation, on‑call support, stakeholder communication, and documentation.