The Firewall Engineer plans and conducts the hardware refresh of EOL Perimeter equipment. The focus is on upgrading Nokia IPSO platform to Checkpoint GAIA and upgrading Juniper Netscreen to Juniper SRX. This position will require some weekend off hours work to perform the swap-outs of boxes that are in production.
Responsibilities:
- Interface with technology engagement teams in order to gather, analyze and understand a variety of existing and emerging business requirements.
- Identify old models which are in production and no longer supported, no longer meet business requirements or otherwise need to be replaced
- Look at configuration of the old box, understand the configuration and develop design diagrams/documentation for the replacement
- Engineer and build the new box so that it matches the configuration of the old box which will be replaced. This includes loading the O/S, laying down the Firewall application and security commands.
- Work with Technical Project Manager though the equipment procurement and change management approval process.
- Ship the new box to the Data Center and work with the Rack and Stack team on the decommissioning of the old box.
- Troubleshoot any boxes returned by the Firewall Administration team
- Manages to multiple deadlines, priorities and diverse set requirements.
Requirements:
- Bachelor’s degree and 5-10 years of IT experience with firewalls and High Availability production environments.
- Hands on experience imaging fresh from factory boxes - loading Checkpoint GAIA platform (2012 appliances) and/or Juniper SRX platform,.
- Strong engineering minded individual with polished collaboration, written, and communication skills and a proven track record interacting with various levels of management, clients and technical team members in delivering technical perimeter solutions.
- DMZ Network infrastructure knowledge including topology, security policies, firewalls and the L2/L3 switch and router infrastructure.
- Strong knowledge of network routing/switching (routing protocols, multicast, other LAN protocols).
- Functional understanding of diverse set of networked applications requiring perimeter management solutions, including HTTP, HTTPS, SSH, FTP, DNS, NTP, ANYCAST services, and others.