Network Security Engineer (Firewall Policy / Algosec)

Work you’ll do:

• The key job responsibilities will be to:

• Lead the end-to-end implementation of the Algosec Security Management Suite, including initial requirements gathering, planning, and project execution.

• Assess client environments to determine integration requirements and customize Algosec deployments to fit unique network topologies.

• Collaborate with stakeholders to define and document firewall and network security objectives for Algosec rollout.

• Configure connectors, agents, and integrations with firewalls, routers, switches, cloud platforms, and other network devices.

• Test and validate Algosec deployments to ensure accurate policy analysis, risk assessment, and connectivity mapping.

• Develop and execute implementation plans, including pilot phases, production rollouts, and post-implementation reviews.

• Conduct user acceptance testing (UAT) and resolve any deployment-related issues or bugs.

• Train end-users and administrators on Algosec features, workflows, and best practices post-implementation.

• Create detailed documentation covering the deployed architecture, configuration steps, operational procedures, and troubleshooting guides.

• Ensure smooth handover to operations or managed services teams, providing ongoing support for transition and optimization.

• Conduct regular audits of firewall configurations to ensure consistency with security baselines and reduce policy violations.

• Perform risk analysis for proposed network changes and advise stakeholders on security impacts.

• Monitor firewall rule changes for unauthorized activity and maintain proper audit trails.

• Collaborate with network and security teams to design secure network architectures and segmentation strategies.

• Troubleshoot and resolve complex firewall and network connectivity issues identified by Algosec or through operational incidents.

• Assist in migration projects by analyzing and updating firewall policies during data center, cloud, or application migrations.

• Enforce least-privilege principles by identifying and removing redundant, obsolete, or overly permissive firewall rules.

• Stay updated on cybersecurity threats and recommend Algosec updates or enhancements accordingly.

• Participate in disaster recovery and business continuity planning for critical network security components.

• Provide subject matter expertise during client meetings, architecture reviews, and security assessments.

• Operational tasks such as Level 2 & 3 on-call technical support for the Palo Alto Firewall Engineering; including assisting clients with issues and escalation

• Provide technical support during implementations and troubleshoot issues

• Configuring VLANs/routing/NAT with the Palo Alto Firewalls as per the design

• Provide VPN management and administration. Configuring Site to Site VPNs, Zoning Failover, defining and managing the Firewall policies

• Responsible for designing and deploying various network security & High Availability features in Palo Alto Firewalls

• Understanding migration of Cisco ASA configuration to Palo Alto

• Administer the process and review, approve and execute policy change requests

• Plan and conduct software & firmware upgrades as needed

• Design and provide guidance on areas around network security and secure enterprise network architecture, providing solution inputs and help identifying the security controls for enterprise networks

• Required skills

• Candidate should have overall 5+ years’ experience with Algosec implementation/operations, Firewall implementation/operations and troubleshooting expertise

• Strong understanding of network security principles (including firewall architectures, segmentation, and access control)

• Hands-on experience with major firewall platforms (such as Palo Alto Networks, Check Point, Cisco ASA/Firepower, Fortinet)

• Familiarity with Algosec Security Management Suite components, deployment, and configuration.

• Proficiency in TCP/IP networking (routing, switching, NAT, VPNs, VLANs)

• Experience with network policy and security rule analysis for optimization and compliance

• Ability to integrate and configure Algosec with various network devices and platforms (on-premises, cloud, or hybrid)

• Basic scripting or automation skills (e.g., Python, use of REST APIs) for streamlined deployment and configuration

• Project management and documentation skills for planning, tracking, and knowledge transfer during implementation

• Problem-solving and troubleshooting abilities to resolve deployment and integration challenges.

• Strong communication and client-facing skills for requirements gathering, training, and stakeholder engagement

• Experience with Panorama Firewall Administration, Rule Analysis, Rule Modification

• Expertise in packet analysis and network traffic flow identification

• Fast troubleshooting and problem-solving skills on Palo Alto

• Ability to analyze network packet traces (PCAP).

• Knowledge on implementing, administering and maintaining IPSec Site-to-Site VPNs. Implementation of the VPN includes Internet Key Exchange Policy using DES and SHA for encryption and authentication, access-lists to define VPN traffic.

• Understanding and implementation of network traffic analysis, remote access methods and systems, stateful inspection firewalls, encryption, authentication and authorization technology.

• Hands-on technical experience working with VPN technologies (IPSEC, SSL VPN, WebVPN,

• AnyConnect, DMVPN, etc.). Experience in implementing Split tunneling on VPN’s.

• Experience in Palo Alto/Cisco ASA Firewalls on Stateful inspection, and Global rule base, address spoofing.

• Proficient understanding of IT infrastructure and security

• Proficient understanding of relevant security technologies, such as malware management, network forensics, flow analysis, IDS/IPS, etc.

• Experience developing reports for software and version compliance

• Ability to suggest/recommend remediation to stakeholders, including executives, risk and security team members

• Ability to provide documentation and analytical skills; documenting processes, policies and standards

• Effective written and communication skills

• Basic understanding of Industry standards in operations such as ITIL processes (e.g. Change Management, Configuration Management, Problem Management, Incident Management), SixSigma standards etc.

• Preferred:

• Firewall certifications such as Palo Alto Networks Accredited Configuration Engineer (ACE), Palo Alto Networks Certified Network Security Engineer (PCNSE), Cisco Certified Network Professional (CCNP)

• Palo Alto Networks Certified Network Security Engineer (PCNSE)

• Check Point Certified Security Administrator/Expert (CCSA/CCSE)

• Fortinet Network Security Expert (NSE)

• Cisco Certified CyberOps Associate / Cisco Certified Network Associate – Security (CCNA Security)

• Cisco Certified Specialist – Security Core

• Should have played a lead role in client engagements

• Qualification

• B.Tech/M.Tech/MS/MBA

• Location:

• Bengaluru/Hyderabad/Pune/Chennai/Kolkata

Interested candidates, please share your resume at srinivasarao.arepalli@quesscorp.com