Engineer Network 4 (Palo Alto Network Security Engineer)

Northrop Grumman - Woodlawn, MD4.0

Are you interested in the opportunity to work for an industry-leading company whose work with cutting-edge technology is driven by something human: the lives our technology protects? If so, Northrop Grumman may be the place for you. It's not the systems that drive us: it's the soldier our systems bring home. It's not just the equipment that motivates us: it's the people our equipment protects. It's not the innovation that gets us up in the morning: it's whom those innovations serve. We're united by our work to help people and protect the world. And that mission makes our team even stronger.

When you join Northrop Grumman, you'll have the opportunity to connect with coworkers in an environment that's uniquely caring, diverse, and respectful. Employees share experiences, insights, perspectives, and creative solutions with some of the best minds in the industry. We collaborate through integrated product teams, cross-functional teams, and employee resource groups, while thriving through the support of training and development, mentors and every day coaching, along with extensive health and work/life benefits. We're committed to our employees' professional and personal development and success.

Northrop Grumman recruits top talent with traditional and non-traditional backgrounds in order to ensure our team is united, connected, skilled, focused and innovative. An inclusive workplace of people with diverse backgrounds, experiences, and perspectives is the key to our performance. At Northrop Grumman, we want our employees to bring their whole self to work. All your different sides are welcome here, as we believe they make our team, our products and our services, that much better.

Northrop GrummanTechnology Servicessector is seeking aEngineer Network 4 (Palo Alto Network Security Engineer)to join our team of qualified, diverse individuals. This position will be located in Woodlawn, MD.

This is an excellent opportunity to learn, grow, and be a part of a first class organization working on complex, leading edge network technology. Position is responsible for providing engineering services in support of an enterprise-wide firewall/intrusion detection infrastructure in one of the Federal Government's largest civilian agency data networks. Emphasis of the position will be on high-level technical consulting business requirement analysis, network security requirement analysis, Endpoint Profiler solution evaluation, vendor product testing, system architecture development, technical writing, strategic planning and providing expert technical advice to Government executives. The resulting security solution will be deployed enterprise-wide, for both Internet and Intranet environments.

The subject network is of unprecedented scale; 3 data centers, 1,500 field offices, 2,000 MPLS routers, 4,000 LAN switches and 64,000 workstations.

This is an exceptional opportunity for the successful candidate to apply their network security expertise to design and implement cutting-edge network access control technologies in a world-class environment.

Description of work:
Designs and plans new firewall and network security systems to protect the network from internal and external threats.
Evaluates potential network security products, technical solutions, and capacity requirements to meet business needs.
Tests network security design, newly released equipment software and operating system for security vulnerabilities. Makes changes to mitigate the risk.
Reviews the customer's network and practices looking for opportunities to enhance network security functionality, performance and reliability by utilizing the proven secure security platform.
Provides specifications and detail schematics for network security architecture of the enterprise.
Analyze current security device configurations and determine implementation requirements.
Develops implementation strategies, plans and processes for a nationwide rollout/upgrade of the existing Firewalls
Develops Standard Operating Procedures (SOPs) for administering the firewalls and Endpoint Profiler system
Upgrade configuration of existing server load balancing equipment to support new features and functions.
Provides daily monitoring/detection of potential treats and develop risk mitigation solutions
Configure and maintain Domain Name Server (DNS), Network Time Protocol (NTP), Simple Mail Transfer Protocol (SMTP) servers
Provide third-level technical support and troubleshooting for critical network security problems
Develops documentation, including diagrams, standards, specifications and operating procedures.
Monitor for opportunities to enhance the customer network security performance or reliability.
Monitor for opportunities to improve the customer service delivery practices.
Provide guidance to team members and provide status metrics to Government customer and Northrop Grumman management.
Provide third-level support and troubleshooting of network problems. Periodically provide after-hours and weekend support.

Basic Qualifications:
Minimum knowledge, skills, abilities needed.

Bachelors degree and 10 years of IT related work experience, Masters degree and 8 years of IT related experience or Doctorate and 5 years of IT related experience

Must hold one of the following active certifications:
Palo Alto Networks Certified Network Security Engineer (PCNSE)
Palo Alto Accredited Configuration Engineer (ACE) certification
Minimum of 8 years of experience in engineering complex network systems.
Minimum of 2 years ofexperience with network security control systems. For example: firewalls, anti-virus, intrusion detection, wireless, proxy server, VPN, TACACS, RADIUS, ACLs, IPSEC, 802.1x, audits, log files, etc.
Strong understanding of Cisco switches/routers and principle LAN/WAN technologies (Ethernet, IP routing, Multicast, DHCP, etc.).
Demonstrate strong oral and written communication skills, with the ability to communicate technical topics to management and non-technical audiences, as well as interface with the customer on a daily basis
Must be US Citizen or Lawful Permanent Resident

Must be able to obtain a Public Trust clearance

Preferred Qualifications:
Candidates with these skills will be given preferential consideration.

AIX Administration certification
Network engineering industry certification (Network+, CCNA, CCNP, CISSP)
Knowledge of IP routing protocols and implementations
Northrop Grumman is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity/Affirmative Action Employer, making decisions without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. For our complete EEO/AA and Pay Transparency statement, please visit U.S. Citizenship is required for most positions.