×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Systems Engineer Cybersecurity IT Support

Firewall Operations Engineer; L3​/L4

Job in Indianapolis, Hamilton County, Indiana, 46262, USA
Listing for: Vantage Point Consulting
Full Time position
Listed on 2026-06-12
Job specializations:
  • IT/Tech
    Systems Engineer, Cybersecurity, IT Support
Job Description & How to Apply Below
Position: Firewall Operations Engineer (L3/L4)
Location: Indianapolis

JOB DESCRIPTION

The Firewall Operations Engineer is a key member of the Client Network Security Operations team supporting Client's global infrastructure. This role is responsible for the day-to-day management, change execution, lifecycle management, and operational documentation of Palo Alto Networks firewall infrastructure across both Enterprise/Corporate (EC) and Manufacturing (MFG) environments. The engineer works within a structured change management framework using Service Now and Panorama, and collaborates closely with Client's Security Architects, Site Engineers, and Project Managers to deliver secure, reliable network operations.

Key Responsibilities

Firewall Change Management

• Execute firewall rule changes, policy updates, and object modifications via Palo Alto Panorama across EC and MFG environments

• Prepare and submit Service Now change requests including Business Justification, Risk & Impact Statement, Deployment Plan, Backout Plan, and Test Plan

• Perform peer review of change requests prior to Senior Engineer commit authorization

• Adhere to out-of-window escalation procedures, obtaining dual approval from the Client's FW Team and ML Zone1 SDM

• Maintain compliance with approved project change scheduling windows for both EC and MFG environments

Infrastructure & Lifecycle Management

• Support PA-5220 to PA-5410 and similar hardware upgrade programs across Client's global manufacturing sites

• Execute like-for-like HA pair replacements including passive-first cutover sequencing, port renumbering, and HSCI/HA1 fiber planning

• Produce and maintain site delivery guides, cable mapping workbooks, and port migration documentation

• Coordinate hardware readiness including SFP compatibility, new single-mode fiber runs, and switch inventory validation

• Manage PAN-OS version control including upgrades, downgrades (e.g., 11.1.x to 11.0.x), and HA pair sequencing

Platform Administration

• Administer Panorama instances (e.g., ELI-PANORAMA
100) including management IP verification, device group management, and log forwarding

• Configure and validate Zone-based security policies, NAT rules, and security profiles

• Manage MGT interfaces, management tunnels, and XML API integrations

• Perform post-change validation and regression testing for firewall policy consistency

• Maintain firewall HA configurations and monitor cluster health across active/passive pairs

Documentation & Process Compliance

• Author and maintain formal operational process documents covering the full firewall change management lifecycle

• Document pre-change, deployment, and backout procedures in alignment with Client and governance standards

• Produce training materials and site-specific delivery guides for onshore and offshore engineering teams

• Support audit readiness through accurate record-keeping in Service Now and Panorama

Required Skills & Experience

Technical – Essential

• 3+ years of hands-on experience with Palo Alto Networks firewalls (PA-Series hardware and Panorama)

• Strong working knowledge of PAN-OS including policy management, HA configuration, and version lifecycle

• Experience with Zone-based segmentation, security policy design, and NAT in enterprise environments

• Familiarity with HA concepts: active/passive pairs, HA1/HA1-A/HA2/HSCI interfaces, passive-first upgrade sequencing

• Understanding of firewall hardware: SFP types (single-mode vs multi-mode), MGT port hardware, and data plane port renumbering

• Service Now change management – creation, peer review, and approval workflows

Technical – Desirable

• Experience supporting manufacturing/OT network environments alongside corporate IT

• Exposure to Palo Alto XML API and Panorama-based automation workflows

• Familiarity with PAN-OS downgrade procedures and known version-specific risks

• Knowledge of fiber infrastructure (OM3/OM4, single-mode) in data center or manufacturing contexts

Soft Skills & Working Practices

• Disciplined change management mindset – no unauthorized commits, rigorous peer review

• Clear written communication for formal documentation (process docs, change records, delivery guides)

• Ability to coordinate across offshore (India) and onshore (US) teams in a follow-the-sun model

• Comfortable working directly with customer architects and site engineers (Client's Security team, site staff)

Attention to detail in high-stakes change windows with structured backout procedures

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search