Firewall Poilcy Engineer
Alpharetta, Georgia, United States of America
Contract
18 hours ago
$45 USD
Key skills
PythonBashPowerShellAWSAzureGoogle CloudSplunkServiceNowCommunicationCollaborationCloud SecurityFirewall
About this role
Location: Alpharetta, GA
Salary: $45.00 USD Hourly - $50.00 USD Hourly
Description:
Role: Firewall Policy Engineer
Location: Alpharetta, GA || Columbus, OH || Omaha, NE
Duration: 6+ Months (Contract to Hire)
Job Description:
The Firewall Policy Engineer will be responsible for designing, implementing, and maintaining enterprise-level firewall policies that safeguard critical business systems across a complex, multi-data center environment. This role requires close collaboration with network, security engineering, and operations teams to ensure secure connectivity, policy consistency, and alignment with organizational standards. The ideal candidate has deep hands-on expertise with next-generation firewalls, policy orchestration tools, and troubleshooting in high-availability environments.
Primary Responsibilities
Basic Qualifications
Preferred Qualifications
Education
Travel
By providing your phone number, you consent to: (1) receive automated text messages and calls from the Judge Group, Inc. and its affiliates (collectively "Judge") to such phone number regarding job opportunities, your job application, and for other related purposes. Message & data rates apply and message frequency may vary. Consistent with Judge's Privacy Policy, information obtained from your consent will not be shared with third parties for marketing/promotional purposes. Reply STOP to opt out of receiving telephone calls and text messages from Judge and HELP for help.
Contact:
This job and many more are available through The Judge Group. Please apply with us today!
Salary: $45.00 USD Hourly - $50.00 USD Hourly
Description:
Role: Firewall Policy Engineer
Location: Alpharetta, GA || Columbus, OH || Omaha, NE
Duration: 6+ Months (Contract to Hire)
Job Description:
The Firewall Policy Engineer will be responsible for designing, implementing, and maintaining enterprise-level firewall policies that safeguard critical business systems across a complex, multi-data center environment. This role requires close collaboration with network, security engineering, and operations teams to ensure secure connectivity, policy consistency, and alignment with organizational standards. The ideal candidate has deep hands-on expertise with next-generation firewalls, policy orchestration tools, and troubleshooting in high-availability environments.
Primary Responsibilities
- Design, implement, and maintain firewall policies across Palo Alto Networks and Check Point platforms.
- Manage the full firewall rule lifecycle, including creation, optimization, cleanup, and decommissioning.
- Configure and troubleshoot NAT policies (static, dynamic, hide, and bidirectional) to ensure accurate and secure traffic flow.
- Configure, review, and troubleshoot firewall routing (static routes, virtual routers, PBF, and dynamic routing integrations) to support proper traffic pathing.
- Utilize Tufin SecureChange or similar policy orchestration tools to analyze rule bases, streamline workflows, and automate change processes.
- Review and process firewall policy change requests following governance, compliance, and security best practices.
- Perform root cause analysis and troubleshooting of firewall issues, access problems, and basic network connectivity concerns.
- Collaborate with Network, Security Engineering, Governance, and Operations teams to ensure policy consistency across global environments.
- Manage change, incident, and request tasks using ServiceNow or equivalent ITSM platforms.
- Contribute to policy automation and workflow efficiency through scripting (Python, PowerShell, or similar).
- Support documentation, knowledge management, and policy governance processes.
Basic Qualifications
- 3-5+ years of hands-on experience with enterprise firewall technologies.
- Strong expertise with Palo Alto Networks and Check Point firewalls.
- Including deep knowledge of Palo Alto zone-based architecture, zone creation, security zone mapping, inter-zone behavior, and zone-to-zone policy design.
- Experience with policy management solutions such as Tufin, FireMon, or AlgoSec.
- Familiarity with log analysis and event correlation using Splunk.
- Working knowledge of ServiceNow for change, incident, and problem management.
- Strong understanding of core networking concepts:
- TCP/IP, routing, switching
- VPN (IPSec, SSL), NAT, DMZ architectures
- DNS, proxy services, network segmentation
- Ability to read packet captures and perform basic traffic analysis.
- Strong documentation, communication, and analytical problem-solving skills.
- Ability to work independently and collaboratively in fast-paced, distributed environments.
Preferred Qualifications
- Experience performing firewall rule analysis, risk assessments, and compliance reviews.
- Scripting experience (Python, Bash, PowerShell) for automation and workflow enhancement.
- Experience with large-scale, highly available multi-data center environments.
- Relevant certifications such as:
- Palo Alto ACE / PCNSA / PCNSE
- Check Point CCSA / CCSE
- Tufin Certified Administrator / Tufin Certified Security Expert
- Network+ / Security+ or similar
- Exposure to cloud security controls (AWS, Azure, Google Cloud Platform).
Education
- Bachelor's degree in Information Security, Information Technology, Computer Science, or equivalent field.
- High school diploma with 4+ years of relevant hands-on experience will be considered.
Travel
- Occasional travel may be required for internal meetings, training, or conferences.
By providing your phone number, you consent to: (1) receive automated text messages and calls from the Judge Group, Inc. and its affiliates (collectively "Judge") to such phone number regarding job opportunities, your job application, and for other related purposes. Message & data rates apply and message frequency may vary. Consistent with Judge's Privacy Policy, information obtained from your consent will not be shared with third parties for marketing/promotional purposes. Reply STOP to opt out of receiving telephone calls and text messages from Judge and HELP for help.
Contact:
This job and many more are available through The Judge Group. Please apply with us today!