Network Security Engineer

Job Title: Network Security Engineer

Location: Elma, NY 14059

Job Type: 06 Months / Contract

Note:

• This is a Hybrid position (Two days remotely and 3 days will be in the office)

Job Description:

• Seeking an experienced Network Security Engineer with strong expertise in firewall hardening, policy design, and network security operations.
• The candidate will be responsible for analysing project requests and translating them into effective firewall rules and policy configurations.
• The role includes coordinating with project stakeholders to ensure security requirements are met and implemented correctly.
• Experience with Palo Alto & Tufin for firewall policy management is highly desirable.
• Additional experience in designing and implementing network segmentation strategies is a strong advantage.

Key Responsibilities:

• Design, implement, and maintain secure firewall policies aligned with business and security requirements
• Perform firewall hardening activities, including rulebase optimisation, risk reduction, and compliance alignment
• Analyse incoming project and business requests, translating them into well-defined firewall rules and security policies
• Collaborate with project managers, network engineers, and security teams to ensure requirements are accurately implemented
• Conduct impact analysis and risk assessments for proposed firewall changes
• Manage firewall policy changes through established change control processes
• Monitor and troubleshoot firewall-related issues, ensuring high availability and performance
• Maintain documentation for firewall rules, configurations, and design standards

Required Experience & Skills:

• 5–8 years of experience in network security engineering
• Strong hands-on experience with Palo Alto Networks firewalls (PAN-OS)
• Deep understanding of firewall rulebases, NAT policies, zones, and security profiles
• Experience with firewall hardening, audit remediation, and compliance frameworks
• Proven ability to translate business requirements into technical security controls
• Strong analytical and problem-solving skills
• Experience working in structured project environments with multiple stakeholders

Preferred Skills:

• Experience with Tufin (or similar firewall policy orchestration tools) for rule analysis, automation, and compliance
• Experience designing and implementing network segmentation (including micro-segmentation strategies)
• Familiarity with cloud security (AWS, Azure) and hybrid network environments
• Knowledge of zero trust architecture principles

Certifications (Preferred/Desired):

• Palo Alto Networks Certified Network Security Engineer (PCNSE) – strongly preferred
• Palo Alto Networks Certified Network Security Administrator (PCNSA)
• CISSP, CISM, or equivalent security certification (nice to have)
• Relevant networking certifications such as CCNP Security or equivalent

Additional Requirements:

• Strong communication skills with the ability to work across technical and non-technical teams
• Ability to work independently and manage multiple priorities in a fast-paced environment
• Experience in regulated environments or with security compliance standards is a plus