Reporting directly to the Managing Principal, Firewall, the Firewall Engineer will be responsible for the configuration and management of our customer’s next generation firewall solution in a 24/7 environment. Additionally, you'll update and maintain policies, signatures, and rules to ensure accessibility, provide security and to comply with regulations. You will continuously monitor customer environments to detect and respond to threats. The afternoon shift engineer will be responsible for providing afternoon coverage and will work Monday-Friday 2pm EST- 10pm EST.

If you enjoy being the expert that customers go-to for help solving difficult and dynamic problems and implementing solutions, then we want to hear from you!

In this role, you’ll get to:

• Serve as a technical resource for the customer’s next generation firewall solution (e.g. Palo Alto, Cisco, and Fortinet) providing recommendations and guidance on their implementation
• Analyze and perform Firewall Policy (FW Rules/Objects) Change Management (Create, Deploy, Troubleshoot Policies).
• Provide Policy Audit & Cleanup
• Engage with customer stakeholders for rule management
• Review platform performance and provide tuning & recommendations
• Analyze and evaluate anomalous network and system activity
• Correlate detected network events to identify potential problems or root causes
• Assist in troubleshooting and problem solving a wide variety of client issues
• Participate in projects that involve existing network infrastructure as required
• Participate in a formal incident rapid response process for high priority incidents
• Collaborate with the team to ensure that an incident's underlying problems are managed and resolved
• Implement network change in the context of incident resolution, problem management and service requests
• Be aware of and follow existing network management change procedures
• Work outside of normal business hours when required (scheduled maintenance, outage response, last minute urgent requests, rotating on-call)
• Working with global IT teams
• Provide Tier 2 Firewall Support for Customers
• Provide Vendor Escalation Management

To be successful in this role, you’ll need to:

• Possess progressive experience in networking and network security, including familiarity with advanced firewalling, VPN's, Web Proxies, Network Antivirus, IDS/IPS, and enterprise routing and switching
• Demonstrate strong familiarity in implementing and troubleshooting firewall technologies
• Familiarity with enterprise network design, implementation, and operations
• Obtain and/or are willing to obtain industry relevant professional level certifications
• Demonstrate a professional level understanding of TCP and UDP including the ability to identify root causes of illusive problems through packet capture analysis
• Strong understanding of IP Addressing and Subnetting (IPv4)
• Possess experience implementing and troubleshooting HA firewall clusters
• Possess professional level understanding of IPsec VPNs as well as real world implementation and troubleshooting experience
• Demonstrate a professional understanding of industry standard policies, regulations, and compliance
• Demonstrate an expert understanding of popular network communications protocols such as DNS, HTTP, etc.
• Must be able to perform Firewall Change Request reviews, determine if the change requests meet the requirements and security best practices, be comfortable approving and rejecting change requests, and providing customer friendly and supportive response if a request is rejected
• Strong documentation skills required
• Strong customer skills

ITAR Compliance

This position will have access to customer data and as such is subject to International Traffic in Arms Regulations (ITAR). Upon application, candidates will be asked to confirm that they are a U.S. Person as defined by the following:

• A citizen of the U.S.;
• A lawful permanent resident of the United States;
• A person admitted to the United States as a refugee; or
• A person that has been granted asylum by the United States government.

The intent of this requirement is not to verify employment eligibility overall, but to ensure compliance with import/export regulations. If you do not meet these requirements, we encourage you to apply for other open roles at Deepwatch. This information will be verified upon offer of employment.

Statutory Pay Disclosure:

For applicants in NYC, CO, CA, RI, and WA, the salary range for this role is $74,375 to $105,000 + stock options + benefits. Actual compensation may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level.

#LI-KH1