Network Security Engineer

As a Network Security Engineer III working remotely, you will be responsible for supporting a large-scale Firewall Migration Project involving the transition of firewalls from Cisco ASA to Cisco Firepower and Palo Alto Next-Gen Firewalls. You will collaborate closely with technical leads to execute migration activities, validate configurations, and provide post-migration troubleshooting support. Your key responsibilities will include participating in the migration and configuration conversion of Cisco ASA to Palo Alto (1410 VSYS, 1410 Single Tenant & VM-Series) and Cisco Firepower with ASA Code or FTD. You will configure and validate NAT policies (Static, Dynamic), Site-to-Site VPNs, Client-to-Site VPNs (AnyConnect/Global Protect), Firewall Policies, HA, SSL VPNs, and NextGen features (IPS/IDS). Additionally, you will be expected to have a strong understanding of change/Incident management processes, conduct pre- and post-migration validation, support change windows, and participate in troubleshooting during cutovers. Documenting configurations and migration steps, as well as collaborating with L4 engineers and stakeholders during complex migrations, will also be part of your role. To succeed in this position, you must have hands-on experience with Cisco ASA, Cisco FTD/Firepower, and Palo Alto NGFW (including 1410, VM-Series, VSYS). You should possess a strong command of Cisco ASA functionalities such as ACL, VPN setup (IPSec/SSL), AnyConnect, HA Setup, NAT, Policy Management, and OS Upgrade, as well as Palo Alto functionalities including VPN setup (IPSec/SSL), Global protect, HA Setup, NAT, Policy Management, and PANOS Upgrade. Knowledge of routing protocols (Static, OSPF, BGP) and switching fundamentals, experience in ASA to Palo Alto/Firepower config conversion, and familiarity with tools like Expedition, Migration Manager, or similar are also essential. Additionally, solid troubleshooting and packet capture analysis skills are required. In terms of soft skills and professional attributes, you should have excellent interpersonal and communication skills to effectively communicate technical concepts to various audiences. Strong documentation abilities for creating and maintaining technical documentation and procedures, as well as flexibility, proactiveness, and self-driven qualities to demonstrate initiative, reliability, and adaptability in dynamic environments, are highly valued. Preferred certifications for this role include Cisco Certifications such as CCNP Security/CCNP R&S and Palo Alto Certifications like PCNSA/PCNSE.,