Senior Firewall Rules & Automation Engineer

Senior Firewall Rules & Automation Engineer

Remote EST preferred

Job Summary

The Senior Firewall Rules & Automation Engineer in the Strategic Initiatives Group is responsible for designing, optimizing, and automating firewall policies across complex enterprise environments. This role is central to the organization’s efforts to modernize network security, enforce segmentation, and support digital transformation initiatives. You’ll lead strategic projects involving firewall rule lifecycle management, policy-as-code, and integration with cloud and hybrid platforms, while collaborating with architects, cybersecurity teams, and infrastructure leaders to ensure secure and scalable connectivity.

In addition, this role functions as a Network Strategic Initiatives leader—advising, communicating, and driving delivery for global and transformational programs. When global 'critical incidents' arise, the leader rapidly aligns teams on a tactical response, identifies resolution paths, and documents gaps to evolve into standards, governance, or longer-term initiatives. The position is designed to serve holistically, connecting product teams to strategic goals and milestones while ensuring execution from the ground up. This position requires the ability to build from the ground up—establishing frameworks, governance, delivery models, and operational mechanisms to scale across a global enterprise.

This role is not limited to technical depth—it demands multi-disciplinary expertise, leadership across matrixed environments, and proven ability to execute from zero by building frameworks, governance, and delivery models. Familiarity with Agile/Lean practices is expected, enabling incremental value delivery and continuous improvement.

Key Responsibilities

Firewall Policy Design & Optimization

• Architect and implement enterprise firewall rule sets across data centers, cloud platforms, and edge environments.

• Design zone-based segmentation strategies and micro segmentation policies to reduce attack surface.

• Conduct rule audits, cleanup initiatives, and policy rationalization to eliminate redundancy and reduce complexity.

Automation & Policy-as-Code

• Develop automation workflows for firewall rule provisioning, validation, and decommissioning using tools like Ansible, Terraform, and Python.

• Implement policy-as-code frameworks to enforce standardized rule creation and change control.

• Integrate firewall automation with ITSM platforms (e.g., ServiceNow) and CI/CD pipelines.

Cloud & Hybrid Integration

• Design and manage firewall policies across cloud-native platforms (AWS Security Groups/NACLs, Azure NSGs, GCP Firewall Rules).

• Implement transit gateway and hub-spoke architectures with integrated firewall controls.

• Collaborate with cloud architects to align network security with cloud governance models.

* Tactical Response — Rapid activation to resolve global incidents, codify playbooks, and translate lessons learned into enduring standards.

* Network Consulting — Conduct assessments, provide reference architectures, and guide decision-making with executive-ready recommendations.

* Solution & Planning — Define and execute well-structured solution packages (HLD, LLD, BoM, QA, automation models) aligned with the One Management model. Emphasize Infra-as-Code, observability, and governance at every stage.

* Gap Analysis — Map as-is to to-be states across people, process, technology, and compliance, prioritizing remediation into quick wins and strategic programs.

* Policy-as-Code and automation-first delivery, harmonizing firewall and cloud perimeter controls, detecting drift, and ensuring compliance.

Security & Compliance

• Ensure firewall configurations meet regulatory and internal compliance standards (PCI-DSS, HIPAA, NIST).

• Implement logging, alerting, and telemetry for firewall events using SIEM platforms (Splunk, Sentinel).

• Support incident response and forensic investigations by providing firewall logs and traffic analysis.

Strategic Leadership & Collaboration

• Lead strategic initiatives such as Zero Trust segmentation, cloud perimeter modernization, and firewall-as-a-service adoption.

• Partner with enterprise architects, cybersecurity teams, and application owners to align firewall policies with business needs.

• Present technical strategies, risk posture, and automation outcomes to executive stakeholders.

Required Skills & Qualifications

Technical Expertise

• Deep understanding of firewall technologies (Palo Alto Networks, Fortinet, Cisco ASA/Firepower, Check Point).

• Proficiency in rule management, NAT, VPNs, and application-layer filtering.

• Strong scripting and automation skills (Python, Ansible, Terraform).

• Familiarity with cloud-native firewall constructs and SDN/SASE architectures.

Certifications

• Must have:- PCNSE (Palo Alto), NSE4+ (Fortinet), CCNP Security, AWS/Azure Security Specialty

Experience

• 13+ years in network security engineering with a focus on firewall management.

• 8+ years leading automation or strategic infrastructure initiatives.

Soft Skills

• Strong analytical and troubleshooting skills.

• Excellent communication and documentation abilities.

• Strategic mindset with a focus on scalability and governance.

Preferred Qualifications

• Experience with firewall rule lifecycle platforms (e.g., Tufin, AlgoSec, FireMon).

• Knowledge of Zero Trust segmentation and east-west traffic control.

• Background in regulated or high-security environments.