State of Maryland DoIT Security Operations Center (SOC)
Betis Group is looking for a Senior Firewall Architect/Engineer with project lead experience and hands-on engineering experience. The Sr. Firewall Architect/Engineer will be responsible for the planning, architecting, designing, engineering, implementation, and support of security solutions for the State of Maryland DoIT Security Operations Center (SOC) with a special focus on enterprise firewall systems. Work is to be performed at the government site in Crownsville, MD.
This role will be responsible for performing the following tasks.
Position: Senior SME – Senior Firewall Engineer
– Serve as the Firewall Team Lead and Technical Lead for firewall projects, gathering requirements, planning, proposing, and executing firewall solutions deployments to successful closure.
– Perform gap-assessment and analysis of security solutions and recommendation of improvement initiatives.
– Architecture, design, and implementation of scalable, redundant, and reliable firewall solutions.
– Implement security hardening firewall configurations
– Configuration management and control of architectural/design/functional configuration changes to firewalls.
– Firewall break-fix troubleshooting, root cause analysis, and support.
– Firewall patch/upgrade monitoring, reviews, maintenance scheduling and deployment.
– Management of firewall operational and security audits logs.
– Definition, development, and configuration of firewall security and operational alerts, dashboards, and reporting.
– Monitoring firewall operational and security alerts and dashboards.
Defining, implementing, and monitoring process/procedures for maintaining the lifecycle firewall policies and rules.
– Configuration, maintenance, and support of additional firewall services such as URL filtering, Malware Sandboxing Analysis, Threat Intelligence Feeds, Threat Prevention, User ID etc.
– Provide firewall log correlation support for emerging and retroactive security incident investigations.
– Support the integration with other security tools such IDS/IPS, SIEM, NACs, VPN etc.
– Define requirements and develop roles-based Standard Operating Procedure (SOPs) documents.
Education and Years of Experience:
– At least ten (10) years of hands-on experience in Network Engineering/Architecture
– At least five (5) years of Team & Technical Lead experience on system management /deployment projects
– At least five (5) years of progressive hands-on experience in architecture, design, implementation, support of firewall technologies
– Bachelor’s degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering or related scientific or technical discipline
– Self-starter, able to gather requirements, plan, execute firewall architecting and deployment efforts.
– Able to perform gap analysis and initiate and execute architectural improvements.
– Must have strong hands-on experience with Palo Alto and Juniper SRX firewalls and associated services.
– Strong demonstrated experience with network security architecture, design, and implementation best-practices, e.g., Defense-in-depth architecture and knowledge of emerging Zero Trust architecture.
– Hands-on experience with firewall architecture, design, and implementation.
– Hands-on experience with operational and security hardening configuration for firewall solutions.
– Hands-on experience with configuration management and change control for firewall solutions.
– Demonstrated experience with networking and switching protocols and infrastructure services, able to troubleshoot and identify DNS, DHCP, WiFi protocols, NTP, routing, switching, and firewall issues affecting connectivity of applications and services.
– Must have working knowledge and understanding of network infrastructure components such as Routers, Switches, IDS, IPS, NAC, VPN Gateways, Wireless APs etc.
– Customer-oriented with excellent issue follow-through and resolution abilities.
– Outstanding leadership and organizational skills.
– Utilize tools and analytical skills to plan and execute technical changes.
– Excellent written and oral communication, and presentation skills.
– Ability to effectively work both autonomously as well as on a team.
– Outstanding interpersonal skills, strong work ethic, self-motivated and excellent presentation skills.
– Palo Alto and Juniper firewall certifications, e.g., Palo Alto PCNSE and Juniper JNCIP-SEC.
– CISSP, CompTIA Security +, CCNA/CCNP Security, or relevant industry security certifications
– Cisco CCNA or CompTIA Network + or relevant networking industry certifications
– Experience in project task technical analysis, planning, and estimation
– Experience with technology capabilities market research, technical analysis/review, and recommendation
– U.S. Citizenship required
– Must pass a Public Trust background investigation
Salary Commensurate with Experience
|Job Category||Cybersecurity, Project Management|