Lead Consultant - Lead Network Security Engineer – Firewalls (L2/L3 SME)

Inviting applications for the role of Principal Consultant - Lead Network Security Engineer - Firewalls (L2/L3 SME)

Responsibilities

Firewall Platform Operations

. Manage andmaintainenterprisefirewallestate in alignment withClientsecurity policies.

. Administer andmaintainPanorama centralized management.

. Perform backup and restore operations forfirewallconfigurations.

. Executefirewallrule modifications (additions, updates, deletions) per approved changerequests.

. Maintainfirewallauthentication and routing configurations where applicable.

Firewall Policy Governance & Hygiene

. Perform rule base reviews and optimization activities.

. Support periodic policy recertification and hygiene reviews usingFireMon.

. Identifystale, duplicate, or overly permissive rules andsubmitrecommendations through formal change processes.

. Ensure alignment with least-privilege network segmentation principles (as directed).

IDS/IPS & Threat Protection

. Support IDS/IPS functionality withinfirewallplatforms where in scope.

. Investigate andvalidatenetwork-based threat alerts.

. Tune security profiles and threat signatures as approved.

. Escalate complex threat scenarios toappropriate stakeholders.

Service Request & Change Management

. Fulfill firewall-related service requests within defined SLAs.

. Execute approved changes followingClientchange control procedures.

. Perform post-change validation and ensure ticket documentation includes evidence of testing.

. Coordinate changes with other towers (IAM, ZTNA, WAF, Cloud) whenfirewallmodificationsimpactdependent services.

Incident & Problem Management

. Participate in firewall-related incident resolution activities.

. Support service restoration and outage response forfirewalldisruptions.

. Provide RCA inputs for major network security incidents.

. Identifyrecurring operational issues and recommend corrective measures through formal channels.

Audit, Logging & Compliance Support

. Maintain sufficient operational artifacts to support audit requirements.

. Support periodic security audits and compliance reviews.

. Ensurefirewalllogs are available for SIEM ingestion as directed.

. Maintain updated documentation offirewallconfigurations, SOPs, and escalation paths.

. Provide reportinginputsfor monthly service metrics.

Explicit Role Boundaries

. This role does not own enterprise network architectureredesign.

. Strategicfirewallplatformselectionor redesign decisionsremainwithClientgovernance.

. Activities are limited to defined services within the Security Application Inventory.

Qualifications we seek in you!

Minimum Qualifications

. Bachelor's degree in Computer Science, Information Security, or equivalent experience.

. Preferred certifications:

o Palo Alto PCNSE

o Relevant network security certifications (e.g., CCNP Security)

. Experience supporting large-scale, regulated enterprise environments preferred.

Preferred Qualifications/ Skills

. Good years of exp on enterprise network security engineering experience.

. Strong hands-onexpertisein:

. Palo Alto Networks firewalls

. Panorama centralized management

. FireMonpolicy governance

. Experience managing:

. Rule base optimization and hygiene

. NAT policies and routing configurations

. VPN policy configurations (operational level)

. Authentication integrations (where applicable tofirewallplatform)

. Experience supporting IDS/IPS functions integrated withinfirewallsolutions.

. Strong knowledge of formal Change Management (CAB/MOC).

. Experience in regulated enterprise environmentsrequiringaudit evidence and documentation discipline.

. Familiarity with log management and SIEM integration (operational support level).

.

.

.

.

.

.