Network Engineer - Firewall CCNP

Title: Network Engineer - Firewall CCNP

Location: Warren, MI (Only Locals)

Duration: 18 months

Position Overview: The Firewall Engineer will provide network security support for enterprise firewall configuration, remediation, and refresh activities as part of the Get Healthy program. This is an onsite role in Warren, MI, five (5) days per week on an 18-month contract. The engineer will work in close coordination with network security stakeholders and broader network engineering teams throughout change windows and site-level upgrades

.
Responsibilitie

• s:Firewall Configuration, Rule Management, and Clean
• upPerform firewall configuration, rule updates, and cleanup activities in support of network security refresh initiative
• s.Audit and rationalize existing firewall rule sets, removing redundant, overly permissive, or outdated policie
• s.Validate configurations post-deployment to confirm accuracy and intended policy enforceme

nt
Firewall Refresh Supp

• ortSupport firewall refresh activities tied to site-level or network upgrade projec
• ts.Assist with pre-refresh planning, policy migration, and hardware readiness validati
• on.Coordinate with network engineering teams to align firewall changes with infrastructure refresh schedul

es.
Troubleshooting and Issue Resolu

• tionTroubleshoot and resolve connectivity issues arising from firewall policy changes or refresh activit
• ies.Perform root cause analysis and implement corrective actions; escalate complex issues as appropri

ate.
Implementation Sequencing and Stabiliz

• ationAssist teams with sequencing and coordination during scheduled change win
• dows.Support post-change stabilization efforts and document change activities per WWT and customer stand

ards.
Qualifica

• tions:5 years of hands-on experience in network security engineering with a focus on firewall administr
• ation.Active Cisco CCNP Security certification req
• uired.Demonstrated experience with enterprise firewall platforms (Palo Alto PAN-OS, Cisco Firepower/FTD, Cisco ASA, Fortinet FortiGate, or equiva
• lent).Strong proficiency in firewall rule lifecycle management, including auditing, cleanup, and policy optimiz
• ation.Experience supporting firewall refresh or migration projects in large enterprise environ
• ments.Solid understanding of network protocols (TCP/IP, DNS, IPsec, BGP, OSPF) and their interaction with firewall p
• olicy.Familiarity with enterprise change management processes, including CAB participation and change window exec
• ution.Additional certifications preferred (Palo Alto PCNSE, Fortinet NSE 4 , or CompTIA Secur
• ity ).Excellent communication and collaboration skills; ability to work across security, network, and project
• teams.Must be available to work onsite in Warren, MI five (5) days per week for the duration of the engag

ement.
Tools and Techno

• logies:Firewall Platforms: Palo Alto Networks (PAN-OS / Panorama), Cisco Firepower / FTD, Cisco ASA, Fortinet FortiGate, or equ
• ivalentSecurity Protocols: IPsec, SSL/TLS, NAT, PAT, ACLs, Zone-Based Firewall p
• oliciesNetwork Protocols: TCP/IP, BGP, OSPF, DNS, DHCP, VLAN,
• 802.1QMonitoring & Diagnostics: Syslog, Wireshark / packet capture tools, SIEM inte
• grationChange & Configuration Management: ServiceNow or equivalent ITSM/CAB platforms; Visio or equivalent for docume