Job Description
Role: Security Engineer (Palo Alto Firewall)
Location: Pune/Bangalore
Who are we looking for
Manage a critical project for one of our biggest client in banking domain. The Individual should be passionate about technology, experienced in developing and managing cutting edge technology applications.
Technical Skills:
.More than 5 years of overall experience with 3-5 years of technical experience in Firewall technology.
.Configuration of firewalls and other network security infrastructure.
.Expert knowledge of Palo Alto Firewalls and Security appliances including Junos SPACE
.Deploy and Manage Firewall change request
.Firewall rule change execution
.Palo Alto firmware & o/s update experience
.Should have average experience in Juniper but expert in Palo Alto Firewalls.
.Should have basic knowledge to Install, Configure, Troubleshoot, maintain, monitor, and support networking hardware mainly related to routers, switches, and enterprise wireless networks (Must)
. Demonstrated knowledge in network security (Must)
. Knowledge in configuring and troubleshooting Palo Alto firewalls, like ACL, Remote Access VPN, IPSEC VPN, NAT, PAT, Clustering,
.Basic knowledge of routing protocols including static, dynamic (BGP, OSPF and EIGRP- Must) and PBR
.Solid understanding of TCP/IP network protocols, including common application protocols
.Demonstrated ability to systematically troubleshoot problems in complex systems and network environments
.Install, configure, Troubleshoot, maintain, monitor, and support networking hardware mainly related to routers, switches, and enterprise wireless networks (Must)
.Strong understanding of LAN Switching technologies (VLANs) (Must)
.LAN communications (including 802.1q-based VLANs, link aggregation & Cisco VTP) (Must)
.WAN communications (including ML-PPP, frame relay & ATM, MPLS) (Desirable)
.Perform network maintenance and system upgrades including service packs, patches, hot fixes, and security configurations.
. Perform network maintenance and system upgrades including service packs, patches, hot fixes and security configurations
. Select and implement security tools, firewalls, policies, and procedures in conjunction with the company’s security team.
.Should have very strong troubleshooting skills as well as a strong TCP understanding as it pertains to packet inspection and TCP flow in the Network and Application flows. A thorough understanding of the OSI network model, Ethernet, TCP/IP networking and application design etc.
.Should have basic knowledge on F5 BIG-IP LTM, GTM, Viprion, EM and ASM devices..
. Good understand of HTTP & HTTPS predicted behavior as well as read the packet content to create or modify custom settings on such behavior
.The Engineer must have a very good hands-on experience in Tufin and Panorama. ( Must)
.The Engineer must have a good understanding and hands on experience in Fabric Switching and SD Wan Tech.
.Expert ability to troubleshoot issues and make recommendations for system changes as needed to resolve issues.
.The Engineer with hands-on experience on Palo Alto Firewall, Panorama, JUN OS, Palo Alto, Websense and F5 BIG-IP LTM, GTM, and ASM devices for hardware refresh and software upgrade. This highly dynamic position will interact with application teams to do the complex configuration and solutions in Firewalls unique to their requirements.
.Should have very good understanding of DNS functionality and concepts as it relates to IPv4 and IPv6.
. Generate reports for utilization, Filtering the traffic , Pushing policies for accepting/rejecting traffic
. Basis knowledge of Window Servers and Linux OS
. Prepare scripts for routine maintenance activity which can then be executed by the operations teams. Routine maintenance work may involve Palo Alto Firewall upgrade, modification, upgradation of exiting configuration from Juniper to Palo Alto etc
.Analyze existing Firewall rules, objects and help customer to mirage on Palo Alto Infrastructure.
.Optimize and migrate policies and objects from existing environment to Palo Alto Networks next generation firewall and standardized in Panorama.
Process Skills:
.Ensure network devices are configured and maintained in accordance with appropriate standards, best practices, and regulatory compliance requirements. Utilize and follow the change management process for network changes.
.Keep abreast of new technologies and recommend adoption as appropriate. Identify areas for automation or other process improvement.
.Train and mentor junior team members.
.Participate in team on-call rotation and provide support during project related cutovers.
.Assist in establishing and enhancing regulatory and compliance processes
.Maintenance of asset information and other documentation.
.Perform duties & responsibilities specific to department functions & activities.
.Performs other duties & responsibilities as required or assigned by supervisor.
.The ability to learn and comprehend basic instructions understand the meanings of words and respond effectively and perform basic arithmetic accurately and quickly.
.Good communication skill
.Should have at least 2 full implementation cycles on any of the above mentioned Firewall which should include overall solution designing, configuration, documentation, knowledge transfer and handover of the load balancers to the client /monitoring team.
.Should be well versed with handling routine day to day maintenance activities on the above mentioned Firewall which may include but not limited to activities like firmware upgrade, addition on new configuration , deletion of old configuration etc.
. Should have good L3-L4 troubleshooting skills including ability to analyze TCP dumps and should have good understanding of basic networking concepts.
.Should have Command line knowledge and expertise in Unix commands.
.
Behavioral Skills:
.Resolve technical issues of projects and Explore alternate designs
.Participates as a team member and fosters teamwork by inter-group coordination within the modules of the project.
.Effectively collaborates and communicates with the stakeholders and ensure client satisfaction
.Train and coach members of project groups to ensure effective knowledge management activity.
Qualification:
.Any Degrees – B.E/B.TECH/M.TECH/BSC/MCA
.Bachelor’s degree in Computer Science or related field (or equivalent experience)
.CCNA Routing/ Switching,
.CCNP Certification (Switching, Routing and (Wireless)
.PCNSA: Palo Alto Networks Certified Network Security Administrator
.PCNSE: Palo Alto Networks Certified Network Security Engineer
.F5 CA, F5 -CTS (LTM/GTM),
.WWSP (Websense Security Certification),
.ITILv3 (Desirable)
Skills
PRIMARY COMPETENCY : Network Security PRIMARY SKILL : Palo Alto PRIMARY SKILL PERCENTAGE : 80 SECONDARY COMPETENCY : Network Security SECONDARY SKILL : Juniper SECONDARY SKILL PERCENTAGE : 20