Firewall Administrator

As a Security Network Engineer, your role involves various key responsibilities to ensure the security and optimization of the network infrastructure: - **Security Architecture & Design** - Architect and optimize firewall rule bases to ensure Least Privilege access and business continuity. - Design secure segmentation strategies and assist Solution Architects in assessing new security requirements. - **Advanced Troubleshooting** - Lead investigations for complex connectivity issues using packet captures, session logs, and flow analysis. - Resolve policy conflicts, routing issues, and traffic blockages with internal and external stakeholders. - **Policy & Configuration Management** - Manage centralized policy deployments via Panorama/Forti Manager/Smart Console across global sites. - Enforce consistent rule standards and proactively clean up unused or shadow policies. - **VPN Architecture & Management** - Design, deploy, and troubleshoot IPSec VPNs, SSL VPNs, and Global Protect tunnels for partners, cloud, and remote access. - Collaborate closely with cloud teams for secure integration with AWS/Azure. - **Lifecycle & Change Management** - Plan and execute firmware/OS upgrades, hardware refresh cycles, and migration projects. - Prepare rollback plans, perform pre/post validations, and minimize production risks. - **Threat Prevention & Security Enforcement** - Configure and optimize NGFW security features like IPS/IDS, URL Filtering, AntiVirus, and DoS protections. - **Audit, Compliance & Reporting** - Conduct periodic firewall audits to identify risky rules and ensure adherence to ISO, PCI-DSS, and internal security standards. - Prepare detailed security audit reports and "As-Built" documents. - **Automation & Optimization** - Utilize Python or Ansible for automating policy deployment, rule audits, and configuration backups. - Generate automated reports for visibility, compliance, and capacity management. - **Incident & Crisis Management** - Lead war rooms during critical security breaches or outages. - Coordinate with SOC, Application, and Network teams for rapid remediation. - **Mentorship & Collaboration** - Review the work of L1/L2 teams, provide technical coaching, and establish troubleshooting SOPs. - Collaborate with Solution Architects to assess risk and propose secure alternatives. **Required Technical Skills** - Expert proficiency in Palo Alto (Panorama), Fortinet (Forti Manager), or Checkpoint Firewalls. - Strong understanding of VPN technologies like IPSec, SSL, and Global Protect. - Deep expertise in NAT/PAT, Security Zones, App-ID, User-ID, and traffic classification. - Experience with HA clustering, failover validation, and redundancy design. - Strong understanding of BGP, OSPF, and route redistribution in security environments. - Advanced packet analysis skills using Wireshark, TCPdump, and firewall packet capture tools. **Soft Skills & Behavioral Traits** - Strong documentation skills for As-Built documentation, Audit Reports, and technical proposals. - Ability to consult with Solution Architects and senior stakeholders on security design. - Excellent communication and decision-making skills under pressure. If you join our team, you will also enjoy benefits such as Provident Fund (PF), Health Insurance, Paid Time Off, and Professional Learning & Certification Support. As a Security Network Engineer, your role involves various key responsibilities to ensure the security and optimization of the network infrastructure: - **Security Architecture & Design** - Architect and optimize firewall rule bases to ensure Least Privilege access and business continuity. - Design secure segmentation strategies and assist Solution Architects in assessing new security requirements. - **Advanced Troubleshooting** - Lead investigations for complex connectivity issues using packet captures, session logs, and flow analysis. - Resolve policy conflicts, routing issues, and traffic blockages with internal and external stakeholders. - **Policy & Configuration Management** - Manage centralized policy deployments via Panorama/Forti Manager/Smart Console across global sites. - Enforce consistent rule standards and proactively clean up unused or shadow policies. - **VPN Architecture & Management** - Design, deploy, and troubleshoot IPSec VPNs, SSL VPNs, and Global Protect tunnels for partners, cloud, and remote access. - Collaborate closely with cloud teams for secure integration with AWS/Azure. - **Lifecycle & Change Management** - Plan and execute firmware/OS upgrades, hardware refresh cycles, and migration projects. - Prepare rollback plans, perform pre/post validations, and minimize production risks. - **Threat Prevention & Security Enforcement** - Configure and optimize NGFW security features like IPS/IDS, URL Filtering, AntiVirus, and DoS protections. - **Audit, Compliance & Reporting** - Conduct periodic firewall audits to identify ri