Job Summary:

A Firewall Architect job in Springfield, VA is currently available through Belcan at one of our key Federal Civilian clients.  To be considered for this role, you will have a BS in Computer Science and 10+ years of relevant experience.

Job Duties:

• Design and architect robust firewall solutions, including network segmentation, access control, and for both on-prem and cloud-based solutions. 
• Develop, review, and approve security policies and standards for firewall deployment. 
• Create and maintain comprehensive network firewall diagrams, flow charts, and documentation for all products. 
• Provide subject matter expertise and technical consultation to other teams on design and best practices. 
• Oversee the installation, configuration, and maintenance of firewalls, VPNs, and other network security devices. 
• Design the firewall rule base, ensuring adherence to least privilege principles and business requirements. 
• Upon request by Division management, participate in security incident response, post-event analysis, and the development of incident response procedures. 
• Stay current with emerging technologies, and industry trends. 
• Conduct security assessments and testing to identify and mitigate vulnerabilities. 
• Collaborate with vendors to evaluate and implement new products. 
• Communicate technical solutions and risks to both technical and executive audiences. 
• Lead and mentor the firewall engineering team, offering guidance and technical expertise.
• Work closely with network engineers to design the best solutions for the network.

Required Qualifications:

• Top Secret Clearance
• Deep technical knowledge of firewall technologies (e.g., Palo Alto, Fortinet).
• Experience engineering Cloudflare solutions leveraging RBI and implementations
• Experience integration with Okta integrations
• Experience with Azure Portal based integrations.
• Ability to work with network engineers to understand design and impacts on firewall architecture
• Demonstrated experience with NAT'ing, URI redirect and Origin rules
• Experience with TLS inspection on the Palo Alto firewalls
• Provided guidance to NPA on creating a "new zone" with Cloudflare for the first time
• Engaged with Palo Alto Vendor on TLS Inspection sizing effort
• Experience with integration of vCenter with Okta and Cloudflare
• Experienced with designing solutions leveraging AWS-S
• Expertise with PDNS and Zscaler to support global deployments.
• Experienced with Zscaler and Zscaler's DNS gateway and converting unencrypted, plaintext DNS queries into encrypted DNS-over-HTTPS (DoH) traffic
• Deep knowledge of Panorama
• Experience with asymmetric routing issues
• Familiarity with usage of MDCA logs.

Preferred Qualifications & Skills:

• Proven experience as a firewall architect, network architect, or similar role focused on network security.
• Proficiency in network protocols, routing, and network segmentation.
• Familiarity with cloud networking and SD-WAN technologies.
• Experience with security incident response and vulnerability management.
• Strong documentation and diagramming skills.
• Excellent communication and leadership skills.
• Relevant certifications are a plus.