Firewall Security Engineer

Design, configure, and deploy firewall rules on Fortinet FortiGate, Azure Firewall, Azure Network Security Groups (NSGs), and AWS Security Groups/Network Firewall. Utilize AlgoSec for automated policy management, rule optimization, and compliance checks across on-premises and cloud environments (AWS, Azure). Analyze network traffic and security requirements to create optimized, secure firewall rule sets, minimizing risks and ensuring performance. Conduct firewall rule audits, cleanups, and optimizations to eliminate redundant or unused rules, using tools like AlgoSec's Firewall Analyzer or CloudFlow. Troubleshoot and resolve firewall-related issues, including connectivity, misconfigurations, and performance bottlenecks, using packet captures, logs, and CLI. Collaborate with network and security teams to align firewall policies with business needs and compliance standards (e.g., PCI-DSS, HIPAA, GDPR). Implement and manage VPNs, NAT policies, and application-layer controls across hybrid cloud environments. Document firewall configurations, rule changes, and processes for auditing and compliance purposes. Provide knowledge transfer to internal teams on firewall management and AlgoSec workflows. Stay current on Fortinet, Azure, AWS, and AlgoSec updates, as well as emerging security threats and best practices., * Design, configure, and deploy firewall rules on Fortinet FortiGate, Azure Firewall, Azure NSGs, and AWS Security Groups/Network Firewall

• Utilize AlgoSec for automated policy management, rule optimization, and compliance checks across on-premises and cloud environments (AWS, Azure)
• Analyze network traffic and security requirements to create optimized, secure firewall rule sets, minimizing risks and ensuring performance
• Conduct firewall rule audits, cleanups, and optimizations to eliminate redundant or unused rules, using tools like AlgoSec's Firewall Analyzer or CloudFlow
• Troubleshoot and resolve firewall-related issues, including connectivity, misconfigurations, and performance bottlenecks, using packet captures, logs, and CLI
• Collaborate with network and security teams to align firewall policies with business needs and compliance standards (e.g., PCI-DSS, HIPAA, GDPR)
• Implement and manage VPNs, NAT policies, and application-layer controls across hybrid cloud environments
• Document firewall configurations, rule changes, and processes for auditing and compliance purposes
• Provide knowledge transfer to internal teams on firewall management and AlgoSec workflows
• Stay current on Fortinet, Azure, AWS, and AlgoSec updates, as well as emerging security threats and best practices

• Fortinet certifications (NSE 4, NSE 5, NSE 7) and/or cloud certifications (e.g., AWS Certified Advanced Networking, Azure Security Engineer Associate)
• Experience with other firewall platforms (e.g., Palo Alto, Check Point, Cisco) for broader context
• Knowledge of SD-WAN, IPS, and application control in cloud and on-premises environments
• Expertise in Fortinet FortiGate, FortiManager, FortiAnalyzer, Azure Firewall, Azure NSGs, and AWS Network Firewall/Security Groups
• Strong understanding of IPsec/SSL VPNs, stateful inspection, and Layer 3/4/7 firewall capabilities
• Familiarity with cloud-native tools (e.g., AWS VPC Flow Logs, Azure Monitor) and network monitoring solutions
• Proficiency in configuring and managing Fortinet FortiGate firewalls, Azure Firewalls, Azure NSGs, and AWS Security Groups/Network Firewall
• Strong knowledge of network protocols (TCP/IP, UDP, HTTP/S), security concepts (zero trust, segmentation), and cloud networking (VPCs, VNETs)
• Expertise in troubleshooting complex firewall issues using CLI, packet analysis tools (e.g., Wireshark), and cloud-native logging (e.g., AWS VPC Flow Logs, Azure Monitor)
• Familiarity with compliance frameworks (e.g., NIST, ISO 27001) and their application to firewall policies

Preferred Skills

• Advanced proficiency with AlgoSec for unified security policy management across hybrid and multi-cloud environments
• Proficiency in scripting (e.g., Python, Bash) for automating firewall rule deployments or audits
• Advanced experience with AlgoSec's Security Management Suite, including AutoDiscovery, BusinessFlow, and FireFlow for end-to-end policy management
• Experience with traffic simulation, risk assessment, and policy compliance tools in AlgoSec

• Contract: W2 only, 6-12 month contract with potential for extension or conversion to full time with either the client or CEI
• Pay: $50/hour + optional medical, dental, vision, 401(k) match

As a trusted technology partner, CEI delivers solutions that help our customers transform their business and achieve meaningful results. From strategy and custom application development through application management - our technology and digital experience services are tailored to meet each unique need of our customers. Our staffing solutions bring specialized skills to complement our customers'' workforce and project requirements.