Raymond James Financial Services
Lead Firewall Engineer
Raymond James Financial Services, St. Petersburg, Florida, United States,
Description
This position follows our hybrid-friendly schedule, so you get the best of both worlds – flexibility and collaboration. In office days will be 2-3 per week averaging 10-12 days per month in one of the following Corporate Office locations: St. Petersburg, FL; Southfield, MI; Memphis, TN; Denver, CO.
Job Summary:
The Lead Firewall Engineer is responsible for managing, designing, and improving RJ’s enterprise network. He or she will assist network architects with design and implementation of firewall network technologies. This role is responsible for senior level firewall engineering implementation and providing guiding principles and technical leadership to peer engineers, proactively taking technology project delivery from 0 to 100% with little to no supervision. General duties include leading the buildout of network security solutions and driving innovation for implementation of new modern technologies in the enterprise network. Partners with management and peer engineers to drive infrastructure modernization projects to completion and provides Tier3 technical support using extensive expertise to take on work assignments the team is engaged in. Strong people skills and the ability to balance/prioritize between multiple tasks and projects are essential. This position involves routing and switching and network firewall implementation projects for both on-prem and cloud infrastructure.
Essential Duties and Responsibilities:
Design, improve and innovate:
Primary focus is to implementtechnologies or changes to existing technologies as identified and designed by the architecture team.
Researches and recommends innovative technologies and approaches for enterprise infrastructure management, upgrades, or improvements.
Utilize and integrate network components such as switches, routers, firewalls, wireless AP/Controllers, SDN fabric components, load balancers, Network Access Control (NAC) servers and cloud infrastructure network elements.
Proactively identify and implement network improvements to assure the performance, resiliency, and redundancy of the network.
Utilizes blueprints to engineer solutions and adhere to enterprise standards (engineering focused, architecture supported).
Take disaster recovery and business continuity plan aspects into consideration for any new technology implementation or change.
Monitor, document and offer proactive support:
Provides ad-hoc support for incidents requiring T3 level resources (engineering/architecture) and knowledge.
Use Microsoft Visio to produce and maintain documentation with regards to implementation of new systems or system changes
Participate in 24x7 on call rotation for SME T3 support requirements as needed.
Maintains service level agreements of departmental metrics, key performance indicators and adhering to strict project timelines.
Maintain/Improve security posture, promptly addressing issues, vulnerabilities, and security requirements according to regulatory guidelines (PCIDSS, PII, CIS, NIST)
Lead, collaborate and coach:
Work collaboratively across a variety of business units to implement new technologies.
Coordinate and take lead of assigned projects in all technical and communication aspects.
Lead engineering peers towards achieving common goals in assigned projects.
Coach peer engineers and effectively perform knowledge transfer/cross training activities.
Provide technical leadership as an SME or as part of an Information Technology (IT) project.
Qualifications
Knowledge, Skills, and Abilities:
Knowledge of Panorama policy management (NGFW PanOS)
Knowledge of Prisma Access (preferred – Cortex, DataLake, CloudIdentityEngine)
Experience with deployment from 0 to 100% of enterprise firewall clusters
Experience with routing and switching enterprise technologies (CCNA level required, CCNP level desirable
Knowledge of DNS Geolocation (LTM, GTM, APM, ASM/Cloud WAF).
Knowledge of DDOS mitigation technologies ( Layer 3, Layer4 and Layer 7 - WAF).
Automation/scripting experience (Python, Ansible)
Network security protocols, architecture and design principles; intrusion detection, prevention systems, secure socket layer (SSL) protocols, virtual private networks (VPNs),
Network performance optimization, capacity planning and load balancing.
Familiarity with the following monitoring platforms: Microsoft SevOne, SolarWinds, DataDog, Splunk)
Education/Previous Experience:
Typically requires a Bachelor's degree; 5 plus years of relevant experience. May have one or more technical or business-related certifications.
Licenses/Certifications:
NPPCNSE,JNCIP strongly preffered
CCNP desirable, Arista ACE L3 desirable
Security and control certifications desirable (CISSP, CISM, CISA, CRISC).
Job: Technology
Primary Location: US-FL-St. Petersburg-Saint Petersburg
Other Locations: US-TN-Memphis-Memphis, US-MI-Southfield-Southfield, US-CO-Denver-Denver
Organization Technology
Schedule Full-time
Job Shift Day Job
Travel No
Req ID: 2402692
This position follows our hybrid-friendly schedule, so you get the best of both worlds – flexibility and collaboration. In office days will be 2-3 per week averaging 10-12 days per month in one of the following Corporate Office locations: St. Petersburg, FL; Southfield, MI; Memphis, TN; Denver, CO.
Job Summary:
The Lead Firewall Engineer is responsible for managing, designing, and improving RJ’s enterprise network. He or she will assist network architects with design and implementation of firewall network technologies. This role is responsible for senior level firewall engineering implementation and providing guiding principles and technical leadership to peer engineers, proactively taking technology project delivery from 0 to 100% with little to no supervision. General duties include leading the buildout of network security solutions and driving innovation for implementation of new modern technologies in the enterprise network. Partners with management and peer engineers to drive infrastructure modernization projects to completion and provides Tier3 technical support using extensive expertise to take on work assignments the team is engaged in. Strong people skills and the ability to balance/prioritize between multiple tasks and projects are essential. This position involves routing and switching and network firewall implementation projects for both on-prem and cloud infrastructure.
Essential Duties and Responsibilities:
Design, improve and innovate:
Primary focus is to implementtechnologies or changes to existing technologies as identified and designed by the architecture team.
Researches and recommends innovative technologies and approaches for enterprise infrastructure management, upgrades, or improvements.
Utilize and integrate network components such as switches, routers, firewalls, wireless AP/Controllers, SDN fabric components, load balancers, Network Access Control (NAC) servers and cloud infrastructure network elements.
Proactively identify and implement network improvements to assure the performance, resiliency, and redundancy of the network.
Utilizes blueprints to engineer solutions and adhere to enterprise standards (engineering focused, architecture supported).
Take disaster recovery and business continuity plan aspects into consideration for any new technology implementation or change.
Monitor, document and offer proactive support:
Provides ad-hoc support for incidents requiring T3 level resources (engineering/architecture) and knowledge.
Use Microsoft Visio to produce and maintain documentation with regards to implementation of new systems or system changes
Participate in 24x7 on call rotation for SME T3 support requirements as needed.
Maintains service level agreements of departmental metrics, key performance indicators and adhering to strict project timelines.
Maintain/Improve security posture, promptly addressing issues, vulnerabilities, and security requirements according to regulatory guidelines (PCIDSS, PII, CIS, NIST)
Lead, collaborate and coach:
Work collaboratively across a variety of business units to implement new technologies.
Coordinate and take lead of assigned projects in all technical and communication aspects.
Lead engineering peers towards achieving common goals in assigned projects.
Coach peer engineers and effectively perform knowledge transfer/cross training activities.
Provide technical leadership as an SME or as part of an Information Technology (IT) project.
Qualifications
Knowledge, Skills, and Abilities:
Knowledge of Panorama policy management (NGFW PanOS)
Knowledge of Prisma Access (preferred – Cortex, DataLake, CloudIdentityEngine)
Experience with deployment from 0 to 100% of enterprise firewall clusters
Experience with routing and switching enterprise technologies (CCNA level required, CCNP level desirable
Knowledge of DNS Geolocation (LTM, GTM, APM, ASM/Cloud WAF).
Knowledge of DDOS mitigation technologies ( Layer 3, Layer4 and Layer 7 - WAF).
Automation/scripting experience (Python, Ansible)
Network security protocols, architecture and design principles; intrusion detection, prevention systems, secure socket layer (SSL) protocols, virtual private networks (VPNs),
Network performance optimization, capacity planning and load balancing.
Familiarity with the following monitoring platforms: Microsoft SevOne, SolarWinds, DataDog, Splunk)
Education/Previous Experience:
Typically requires a Bachelor's degree; 5 plus years of relevant experience. May have one or more technical or business-related certifications.
Licenses/Certifications:
NPPCNSE,JNCIP strongly preffered
CCNP desirable, Arista ACE L3 desirable
Security and control certifications desirable (CISSP, CISM, CISA, CRISC).
Job: Technology
Primary Location: US-FL-St. Petersburg-Saint Petersburg
Other Locations: US-TN-Memphis-Memphis, US-MI-Southfield-Southfield, US-CO-Denver-Denver
Organization Technology
Schedule Full-time
Job Shift Day Job
Travel No
Req ID: 2402692