Firewall Engineer

• Identify and remediate misconfigurations, conflicting rules, security gaps, firewall and load balancer security issues, optimize rule-sets, and enhance the overall security posture and performance of Firewalls and Load Balancers
• Provide Tier 3 support to members of the operations network administrations.
• Maintain all HW and SW components at vendor supported levels.
• Support mission-critical Continuity of Operations (COOP).
• Conduct a minimum of two (2) assessment of firewall each month on CESO and customer devices and generate assessment reports and provide recommendations for improvements.
• Support the creation of network device performance and traffic utilization monthly reports.
• Develop and/or participate in After Action Reports (AARs)
• Provide expert advice and direction regarding the management and operation of all Palo Alto devices in the DISA CESO enterprise architecture.
• Interact with the customer point of contact to set objectives/goals based on Palo Alto Networks technologies and available technology roadmap for architecture and design discussions.
• Evaluate current technologies and processes associated with DISA CESO to identify gaps.
• Provide requirements and strategies for future cybersecurity operations.
• Active participant in meetings with DISA CESO and mission partner working groups.
• Adhere to applicable DOD STIGs, DISA applicable orders, and JSIG policy, guidelines, and regulations.

• Bachelor's degree and 8+ years of directly relevant experience. Add'l experience may be considered in lieu of degree.
• 5+ years of hands-on Cisco / Palo Alto Firewall experience in both engineering and Operations and maintenance roles.
• Strong knowledge of Palo Alto concepts and best practices:

• Panorama Installation
• Panorama HA Config
• Panorama Template and Template Stacks
• Panorama Policy creation and push to group of Firewalls and Verify Push
• Palo Alto Route configuration
• Palo Alto IPSec Site to Site VPN Config and Troubleshooting
• Palo Alto VM in AWS
• Palo Alto IPS Configuration
• Palo Alto Virtual Router / Systems
• Palo Alto Firewall HA

• Experience working in a high op-temp, Top Secret environment.
• Candidate must possess an active DOD Top Secret level security clearance, and be eligible to obtain and maintain a TS/SCI
• Candidate must be willing to take and maintain a CI/Poly
• 8570 IAT Level II Baseline Certification (e.g. CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)

Preferred Qualifications

• Prior experienced with DISA and DISA's support to mission partners

Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits .

The DISA IT Operation within Leidos' Digital Modernization Group is seeking a Firewall Engineer to support the Compartmented Enterprise Services Office (CESO) Task Order for the GIG Service Management - Operations II (GSM-O II) contract. This person should be a seasoned, self-motivated, professional with at least 10 years of hands-on engineering and testing experience in virtualized and cloud environments. A skilled engineer knowledgeable and experienced in developing and implementing Firewall/Networking Security Solutions. With the CESO program, the Defense Information System Agency (DISA) is looking to transform the existing Secure Web Services (SWS) environment, used to provide secure information sharing to the community, into a more mature service offering to meet the DoD and IC community. As part of this task order, Leidos will manage the commercial cloud migration and fully automate the continuous development & continuous integration environment, fourth estate consolidation, professionalize services - ITIL/DevSecOps based processes, improve the customer experience 1st call resolution, and achieve development of a service catalog for Defense Working Capital Fund (DWCF) Model. This position is 100% onsite in Arlington, VA with occasional/situational travel within the Washington Metro Area., Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com .