Job Description

Project Summary
Network Security Engineering services to Client is to validate existing firewall rulesets in place and approve new firewall requests for Client's on-premise and cloud firewalls. The project requires that all firewall rules be reviewed and optimized, removing legacy rules, and validating business owners for existing production rules to meet Automated Cybersecurity Evaluation Toolbox (ACET) evolving private banking audit requirements. Additionally, the project requires security engineering services support the integration of FireMon and ServiceNow ticketing to automate the quarterly and annual firewall rules compliances reviews.



Scope of Work:



Network Security Services
Firewall Rule analysis across various vendor devices (over 30,000 firewall rules & 11,000 servers)
Ensure new firewall rule requests align with Client's security and compliance policies
Recommendation of Firewall Rule security and design improvements
Validation of rules to disable
In depth troubleshooting of infrastructure as applicable
Establish and maintain system documentation
Integration support between FireMon and ServiceNow
Integration support between Firemon and Illumio
Tracking of Firewall Rule status and their metrics
Ability to provide OnCall coverage and work after-hour changes as needed to support project/KTLO efforts


Firewall Rule Configuration and Audit Consulting:
Review existing FireMon rule audit reports and findings with Client's team (hit counts, unused rules, etc.)
Determine process for rule owner identification and cleanup
Review of firewall rules Cisco and Check Point virtual firewalls
For each rule, determine current asset owner and document
For each rule, validate if the firewall rule is still required for all assets covered by rule
For each rule, if rules contain assets that are no longer in production or policy that is no longer required document finding and schedule change control to remove/clean up rule from existing firewall policy.
Leverage existing firewall management tools for discovery and maintenance/cleanup:
Adaptive Security Device Manager (ASDM)/Cisco Defense Orchestrator and FireMon Security Manager
Determine and document process for validating rules with Client team members
Monitor ServiceNow ticket queue to avoid SLA delay for client tickets


Key Qualifications:
Bachelor's Degree in Computer or Electrical Engineering, Computer Science or related field or equivalent work experience

7 10 years advance hands on experience and knowledge
General understanding of Cisco CDO for legacy Client Cisco ASAs

Experience of Palo Alto SCM for NGFW (Next Gen Firewall) migration and level of effort

Checkpoint experience needed

FireMon experience needed
Azure Cloud experience a plus

Palo Alto experience

Splunk experience needed
Cisco CCNA cert **OR CompTia Security+ (Plus) Certification**
Worked in a larger company environment (preferably financial institution)
Cross functional communication


A Cyber Security Engineer protects the organization's computer systems and networks for cyber threats by implementing security measures, monitoring systems, and responding to incidents
1. Expertise in executing security measures for protection of data, systems, and networks
2. Proficiency in firewalls, VPNs, IDS/IPS, web proxies, etc.
3. Strong attention to detail and problem-solving skills

Pi-square technologies is a Michigan (USA) Headquartered Automotive Embedded Engineering Services company, Synergy Partner for major OEMs and Tier 1s and their implementation partners in Automotive Embedded Product Development, Projects, Requirements Analysis, Software Design, Software Implementation, Efficient Build, Release Process, and turnkey software V & V Services. We have more than 20+ years of industry expertise with specialization in the latest cutting-edge automotive technologies such as Infotainment, connected vehicles, Cyber security, OTA, and Advanced Safety/ Body electronics.

Job Tags

Similar Jobs