Firewall Administrator

Job Description

**Contract Duration:**
09/08/2025 to 06/30/2026

**Work Location:**
Harrisburg, PA

**Work Arrangement:**
Hybrid, 2 days in office and 3 days telework per week; may be adjusted by the manager based on operational needs

**Interview Type:**
TBD

**Residency Requirements:**
Must reside in Pennsylvania

**Visas Accepted:**
USC, GC, EAD, H1B

**Summary**
Our client needs a hands-on Firewall Administrator to safeguard and enable critical services across multiple business units. You will own the lifecycle of firewall and secure connectivity controls from design and rule governance through change implementation, monitoring, and incident response. The role blends steady-state operations with project work that advances the enterprise security posture.

**What You Will Do**

– Administer enterprise firewalls across multiple environments with high availability, redundancy, and consistent policy enforcement.
– Design and implement security policies including rule sets, objects, NAT, zones, and segmentation that balance least privilege with business enablement.
– Run change management end to end: assess requests, analyze risk, validate with stakeholders, schedule maintenance, implement, test, and document.
– Continuously tune rules to reduce noise and improve performance, cleaning up shadowed, unused, and overly permissive rules.
– Operate secure connectivity for site-to-site, hub-and-spoke, and remote access VPNs, including certificate lifecycle and MFA integrations.
– Harden and maintain platforms via firmware upgrades, HA failover testing, config backups, and capacity planning.
– Monitor and investigate using firewall logs, packet captures, and SIEM queries; triage alerts, contain threats, and support incident response.
– Partner with network, server, and application teams to safely enable new services, load balancers, and cloud or third-party integrations.
– Document thoroughly with current network diagrams, runbooks, change records, and audit evidence to support operational continuity.
– Contribute to initiatives like micro-segmentation, zero trust, data center moves, WAN modernization, or cloud edge integrations.

**Tools and technologies you may touch:**

– Enterprise firewalls and managers such as Palo Alto Networks, Fortinet, Cisco ASA/FTD, Check Point, and platforms like Panorama or FortiManager.
– IDS/IPS, secure web gateways, VPN, PKI, and MFA solutions.
– Logging and analytics such as Splunk or Elastic; packet capture and traffic analysis utilities.
– ITSM and change platforms such as ServiceNow or equivalent.

**Minimum qualifications:**

– 5 or more years administering enterprise firewalls and related network security controls in production.
– Strong knowledge of TCP/IP, routing, switching, VLANs, ACLs, NAT, DNS, DHCP, VPN, and high availability concepts.
– Proven experience building and governing policy, executing changes safely, and documenting clearly.
– Proficiency reading logs and packets to troubleshoot complex connectivity and security issues.
– Clear communication skills and ability to coordinate changes across multiple technical teams.

**Preferred qualifications:**

– Experience in large, regulated, or public sector environments.
– Familiarity with security frameworks such as NIST 800-53 and CIS Controls.
– Scripting or automation exposure for configuration validation or policy audits.
– Relevant certifications, for example PCNSE, NSE, CCNP Security, or similar.