Looking for a Sr. Firewall Engineer. The Sr. Firewall Engineer will be responsible for the planning, architecting, designing, engineering, implementation, and support of security solutions for the State of Maryland DoIT Security Operations Center (SOC) with a special focus on enterprise firewall systems.
the candidate must poses the following abilities:
Duties and Responsibilities:
- Serve as Technical Leads/SME for their areas of responsibilities
- Initiate, plan, and execute infrastructure projects in their areas of responsibilities
- Be strategic/visionary in planning, managing, and maintaining systems in their areas of responsibilities through their System Development Life Cycle
- Be liaison/interface between the SOC team and the customer Sr. Management in subject matters of their areas on responsibilities.
- Able to assume full responsibilities of their areas of responsibilities on Day 1 (significant experience building from scratch, supporting, and troubleshooting systems under their responsibilities)
Qualifications: Education and Years of Experience:
- Gathering requirements, planning, proposing, and executing system deployment projects to successful closure.
- Gap assessment and analysis of security solutions and recommendation of improvement initiatives.
- Architecture, design, and implementation of scalable, redundant, and reliable firewall solutions.
- Security hardening firewall configurations.
- Configuration management and control of architectural/design/functional configuration changes to firewalls.
- Firewall brake-fix troubleshooting, root cause analysis, and support.
- Firewall patch/upgrade monitoring, reviews, maintenance scheduling and deployment.
- Management of firewall operational and security audits logs.
- Definition, development, and configuration of firewall security and operational alerts, dashboards, and reporting.
- Monitoring firewall operational and security alerts and dashboards.
- Defining, implementing, and monitoring process/procedures for maintaining the lifecycle firewall policies and rules.
- Configuration, maintenance, and support of additional firewall services such as URL filtering, Malware Sandboxing Analysis, Threat Intelligence Feeds, Threat Prevention, User ID etc.
- Provide firewall log correlation support for emerging and retroactive security incident investigations.
- Support the integration with other security tools such IDS/IPS, SIEM, NACs, VPN etc.
- Define requirements and develop roles-based Standard Operating Procedure (SOPs) documents.
The proposed candidate must have:
- At least ten (10) years of hands-on experience in Network Engineering/Architecture.
- At least three (5) years of Technical Lead responsibilities on system management /deployment projects.
- At least five (5) years of progressive hands-on experience in architecture, design, implementation, support of firewall technologies.
- Bachelor's degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering or related scientific or technical discipline.
- Self-starter, able to gather requirements, plan, execute firewall architecting and deployment efforts.
- Able to perform gap analysis and initiate and execute architectural improvements.
- Must have strong hands-on experience with Palo Alto and Juniper SRX firewalls and associated services
- Holds Palo Alto and Juniper certifications i.e., Palo Alto PCNSE and Juniper JNCIP-SEC.
- Strong demonstrated experience with network security architecture, design, and implementation best-practices i.e., Defense-in-depth architecture, knowledge of emerging Zero Trust architecture.
- Hands-on experience with firewall architecture, design, and implementation.
- Hands-on experience with operational and security hardening configuration for firewall solutions.
- Hands-on experience with configuration management and change control for firewall solutions.
- Demonstrated experience with networking and switching protocols and infrastructure services, able to troubleshoot and identify DNS, DHCP, WiFi protocols, NTP, routing, switching, and firewall issues affecting connectivity of applications and services.
- Must have working knowledge and understanding of network infrastructure components such as Routers, Switches, IDS, IPS, NAC, VPN Gateways, Wireless APs etc.
- Customer-oriented with excellent issue follow-through and resolution abilities.
- Outstanding leadership and organizational skills.
- Utilize tools and analytical skills to plan and execute technical changes.
- Excellent written and oral communication, and presentation skills.
- Ability to effectively work both autonomously as well as on a team.
- Outstanding interpersonal skills, strong work ethic, self-motivated and excellent presentation skills.
- CISSP, CompTIA Security +, CCNA/CCNP Security, or relevant networking industry certifications
- Cisco CCNA or CompTIA Network + or relevant networking industry certifications
- Experience in project task technical analysis, planning, and estimation
- Experience with technology capabilities market research, technical analysis/review, and recommendation
Crownsville, MD. Partially Remote
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or