Palo Alto Security Engineer (remote)

US Government contract. Candidates MUST be a US Citizen for consideration. Work is mostly remote but candidates in the DC Metro area will be given preference. 

Work individually or in a small integrated team, and potentially lead a task, project, or team to analyze root causes and resolve issues. Assist more senior level technicians, specialists, and managers in their activities. Provide expertise in the engineering design, development, direction, and implementation of enterprise network cyber defense capabilities. Apply familiarity with the utilization, configuration, and implementation of cyber defense capabilities, including firewalls, Host Based Security Systems, web content filters, email security capabilities, Intrusion Detection System, Intrusion Prevention System, Security Incident and Event Management tools, Domain Name System security practices, advanced log analysis, network monitoring, network flow analysis,
packet capture analysis, network proxies, anti-virus capabilities, Linux/UNIX command line, and access control lists.

What You'll Get To Do:

• Participate on a team of skilled network security engineers responsible for the ingratiation, operations, and sustainment of a suite of enterprise class Cybersecurity technologies

• Perform the planning and implementing policy changes on Palo Alto next generation firewalls

• Assists in the analyses and design of a world wide network security architecture

• Administer configuration changes on enterprise load balancers that include enterprise TLS break/inspect

• Work focused special projects both independently and within a group

• Participate in the investigation and documentation of security related incidents

• Implement corrective measures in response to emerging network security threats

• Brief senior contract leadership and government stakeholders on the current status of the enterprise network security posture

You'll Bring These Qualifications:

• 4+ years of experience with privileged and elevated access using cybersecurity tools, especially Palo Alto Firewalls
• US Citizen with clear background (active Public Trust clearance is preferred)
• Experience with Windows and Linux, including installing, configuring, or maintaining servers operating systems and applications
• Experience working with STIGs, SCAP, and cybersecurity best practices
• Knowledge of Risk Management Frameworks
• HS diploma or GED and 7+ years of experience conducting or supporting cyber engineering projects and activities, Associate’s degree and 5+ years of experience conducting or supporting cyber engineering projects and activities, Bachelor’s degree and 3+ years of experience conducting or supporting cyber engineering projects and activities, or Master’s degree and 1+ years of experience conducting or supporting cyber engineering projects and activities

Nice to Haves:

• Palo Alto certifications (PNCSA, PNCSE)
• Trellix Endpoint Security Suite (ESS) (or former McAfee HBSS, ePO, FireEye MVX, NX, HX, PX, IA, AX, IAS PCAP), Splunk/Cribl, or ForeScout experience
• Experience with Cloud Enterprise, authorizing cloud systems, and Cloud services, including AWS, Azure, or GCP
• Experience with big data analytics, machine learning, artificial intelligence, or anomaly detection
• Experience with Zero-Trust Architecture
• Experience with DevSecOps, CI/CD, IaC and CaC, IT Infrastructure Library, and IT Service Management
• Experience in a consulting or client-facing environment
• Ability to automate security configurations of Linux and Windows systems, and recommend and implement remediations for non-compliant security controls