Role: Firewall Consultant will be 12 months in duration and the candidate will need to be onsite from the onset of the role starting @ Downey, CA, USA The following factors contribute to the security challenges:
A WAN with the core centrally managed, but the edge LANs and desktops (50,000+) managed by the individual departments and commissions.
Decentralized IT projects in the County departments and commissions running their own applications outside of the County’s data centers.
MINIMUM QUALIFICATIONS
The Consultant must meet the following minimum qualifications:
Musthavefive(8)years’networkingexperience,withinthelastseven(17)years designing, implementing, upgrading, and troubleshooting Cisco ASA and Firepower firewalls in the enterprise environment.
Musthavethree(6)years’experiencewithinthelastfive(1)yearsengineering, designing, implementing, and maintaining Site-to-Site VPN connections with double NAT using Cisco ASA firewall technology.
Musthavethree(6)years’experiencewithinthelastfive(15)yearsasasenior- level network administrator on layer-2, layer-3 switches, and routers in distributed enterprise deployments including: multi-tiered architecture, virtualization technologies and multi-tenant infrastructure.
Musthavetwo(4)years’experiencewithinthelastfour(14)yearsasatechnical lead in the cloud based network infrastructure such as AWS, Google Cloud Platform, or Azure.
Must have a certification of current CCNA (Cisco Certified Network Associate).
DESCRIPTION OF WORK/DUTIES:
The Firewall Consultant shall administer, design, implement, audit, diagnose, and monitor network Cisco firewall systems for enforcement of security controls. The Consultant shall perform all of the duties listed below:
Provide technical consultation to departmental project teams relating to network firewall (Cisco ASA and Firepower) design, implementation, and security-related development projects.
Configure and administer Cisco ASA and Firepower firewalls including Access Control List (ACL), Network Address Translation (NAT), Intrusion Prevention System (IPS), IOS software code upgrades, packet analysis, and performance monitoring.
Document firewall implementation plans, operating procedures, processes, and configuration of daily tasks as necessary to support the operational activities related to network firewall/VPN infrastructure.
Identify, troubleshoot and resolve complex network connectivity.
Identify the obsolete or unnecessary configurations including object groups, access control lists, network address translations, SSH clients, and the hosts on all firewall, and create a procedure to remove the findings.
Plan and execute the installation of the new network firewalls that will replace the current equipment due to the end-of-life deadline. Also migrate the existing configuration to the new equipment.
Provide knowledge transfer to the Firewall Operations Team through training and mentoring.
