Network Security Engineer

Title: Network Security Engineer
Location: Marysville, OH, (Onsite)
Duration: 12+ months Contract (with possible extension)

Position Summary
The Network Security Administrator is responsible for protecting the organization's network infrastructure through proactive monitoring, configuration, and management of nextgeneration firewalls and related security technologies. This role focuses heavily on Palo Alto Networks and Cisco ASA/Firepower firewalls, ensuring secure and reliable connectivity across enterprise environments. The specialist will be a key contributor to incident response, threat mitigation, and continuous improvement of security controls.
Key Responsibilities:
Firewall & Network Security Administration:
Configure, manage, and maintain Palo Alto NextGeneration Firewalls (NGFW), including policies, objects, NAT rules, IDS/IPS policies, AppID, UserID, threat prevention profiles, and Global Protect software client, always on VPN and SASE principles.
Administer and troubleshoot Cisco ASA, Cisco Firepower, and FTD devices, including ACLs, VPNs, and IDS/IPS policies.
Perform regular firewall rule reviews, cleanup, and optimization to improve performance and reduce risk.
Security Operations & Monitoring:
Monitor network security alerts, traffic anomalies, and firewall logs using tools such as Panorama, Cisco FMC, SIEM platforms, and packet capture utilities.
Investigate and remediate network-based security incidents, coordinating with SOC or incident response teams, as necessary.
Perform security event correlation and escalation following established SOPs
Network Infrastructure Support:
Support secure network connectivity across data centers, branch sites, cloud environments, and remote access solutions.
Troubleshoot layer 2/3 issues related to routing, switching, VPN tunnels, and connectivity impacts to security appliances.
Assist in deploying secure architectures for new network builds, migrations, and cloud integrations.
Position requirements:
Overtime, frequency depends on business needs and support requirements for production infrastructure
On call availability, PC equipment & access provided for quick response to incidents, anytime; providing support, troubleshooting & resolve remote or on-site
Weekend and or adjusted shift required to execute & verify system changes for the application, Application hardware or software
Open office environment, align with all plant policies and all required training
On-Site current requirements are four days on-site with one day as remote capable if desired, 40+ hours weekly.
Candidate will be within published commute requirements of a customer manufacturing facility in CA, OH, NC, SC, IN, AL, or GA
Compliance & Documentation:
Maintain accurate documentation of firewall configurations, network diagrams, and operational procedures.
Assist with compliance activities related to frameworks such as NIST, ISO 27001, CIS, or PCI-DSS.
Contribute to security hardening standards and bestpractice enforcement.

Required Qualifications:
3 7 years of experience in network security operations or firewall engineering.
Handson experience with:
o Palo Alto Networks NGFW (PAseries), Panorama, and Global Protect.
o Cisco ASA, Cisco Firepower, FMC, and sitetosite/remote access VPNs.
Strong understanding of IP networking (TCP/IP, routing, switching, VLANs, BGP/OSPF, NAT).
Experience with log analysis, packet captures, and troubleshooting tools (e.g., Wireshark).
Knowledge of threat prevention technologies (IDS/IPS, URL filtering, DNS security, malware analysis).

Preferred Qualifications:
Relevant certifications such as:
o PCNSE, PCNSA (Palo Alto)
o CCNP Security, CCNA Security (Cisco)
o Security+, CySA+, CEH, or GSEC
Experience with SIEM tools (Splunk, Sentinel, QRadar).
Familiarity with cloud security for Azure, AWS, or Google Cloud Platform.
Scripting experience (Ansible, Python, PowerShell, or similar) for automation is a plus.
Key Competencies:
Strong analytical and troubleshooting skills.
Ability to prioritize and work in fastpaced operational environments where production or system downtime requires immediate attention even if cause is unknown.
Effective communication and documentation abilities. Technical writing skills a plus.
Securitydriven mindset with attention to detail.