We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
Metropolitan Council jobs

Palo Alto Firewall Engineer (Systems Engineer 3)

Metropolitan Council
$93,017.60 - $150,862.40 Annually
medical insurance, dental insurance, life insurance, vision insurance, retirement plan, pension
United States, Minnesota, Saint Paul
390 Robert Street North (Show on map)
Dec 19, 2024

WHO WE ARE

We are the Metropolitan Council, the regional government for the seven-county Twin Cities metropolitan area. We plan 30 years ahead for the future of the metropolitan area and provide regional transportation, wastewater, and housing services. More information about us on our website.

We are committed to supporting a diverse workforce that reflects the communities we serve.

Information Services is the central IT department supporting all divisions of the Metropolitan Council. Our 140 team members provide technology, practices and innovative solutions that enable the core services of the Council.

How your work would contribute to our organization and the Twin Cities region:


We are seeking a highly skilled and experienced Palo Alto Firewall Engineer to join our team. This role is critical in ensuring the security, reliability, and performance of our enterprise network infrastructure. The ideal candidate will have extensive expertise in configuring, managing, and optimizing Palo Alto Networks technologies, including Strata Cloud Manager, Prisma Access, GlobalProtect, Panorama, and Palo Alto's SASE (Secure Access Service Edge) solutions. This position requires a professional who can work effectively in both on-premises and cloud-based environments, ensuring seamless integration and robust security across all platforms.

This position is eligible for a hybrid (both remote and onsite) telework arrangement. Candidate's permanent residence must be in Minnesota or Wisconsin.

What you would do in this job

Firewall Management and Configuration:

  • Deploy, configure, and manage Palo Alto firewalls across on-premises and cloud environments.
  • Implement and maintain security policies, access controls, and NAT rules to meet organizational requirements.
  • Optimize firewall performance and ensure high availability.
Cloud Security and SASE Solutions:
  • Administer and manage Palo Alto's Prisma Access for secure remote access solutions.
  • Utilize Strata Cloud Manager to monitor and manage distributed firewalls.
  • Implement and support Palo Alto's SASE products to ensure secure access for users across hybrid environments.
Network Security Monitoring and Troubleshooting:
  • Monitor network traffic for anomalies using Panorama and other tools to ensure proactive threat detection.
  • Troubleshoot complex network security issues, including VPNs (GlobalProtect), connectivity problems, and policy conflicts.
  • Perform regular audits of firewall configuration to ensure compliance with security standards.
Automation and Optimization:
  • Develop scripts or use automation tools to streamline firewall management tasks (e.g. policy updates, log analysis).C
  • Identify opportunities for process improvements to enhance operational efficiency.
Collaboration and Documentation:
  • Work closely with cross-functional teams to design secure network architectures that align with business goals.
  • Maintain detailed technical documentation, including network diagrams, change logs, and SOPs.

What education and experience are required for this job (minimum qualifications)

Any of the following combinations of education (in computer information technology, cyber security, computer forensics, computer science, or closely related field) and experience managing Palo Alto Networks technologies and working with cloud environments and their integration with Palo Alto solutions:

  • Bachelor's degree or higher and five years of experience
  • Associate degree and seven years of experience
  • High school diploma/GED and nine years of experience
Experience managing Palo Alto Networks technologies should include Strata Cloud Manager, Prisma Access, GlobalProtect VPN solutions, Panorama centralized management platform, and Palo Alto SASE products (e.g. Prisma SD-WAN).

What additional skills and experience would be helpful in this job (desired qualifications):
  • Strong understanding of network security concepts such as firewalls, VPNs, intrusion prevention systems (IPS), and zero-trust architectures.
  • Experience configuring advanced features like App-ID, User-ID, Threat Prevention, URL Filtering, WildFire, and SSL decryption.
  • Hands-on experience in large-scale enterprise environments with complex network infrastructures.
  • Familiarity with scripting languages (e.g., Python) or automation tools for managing firewalls at scale.
  • Experience with third-party SIEM tools for log analysis and incident response integration.
  • Experience, or knowledge of, compliance frameworks such as PCI DSS, HIPAA, or ISO 27001 as they relate to network security.
  • Exposure to SD-WAN technologies or other advanced networking solutions.
  • Relevant certifications such as Palo Alto Networks Certified Network Security Administrator (PCNSA) or Palo Alto Networks Certified Network Security Engineer (PCNSE).
  • Experience working and collaborating in a diverse, multi-cultural, and inclusive environment.
What knowledge, skills, and abilities you should have within the first six months on the job:
  • Strong problem-solving abilities with a proactive approach to identifying risks and resolving issues under pressure.
  • Excellent communication skills for collaborating with technical teams and presenting complex concepts to non-technical stakeholders.
  • High attention to detail with a commitment to maintaining accurate documentation and adhering to change management processes.
  • Ability to thrive in a fast-paced environment while managing multiple priorities effectively.
What you can expect from us:
  • We offer the opportunity to make a difference and positively influence the Twin Cities metropolitan area.
  • We encourage our employees to develop their skills through on-site training and tuition reimbursement.
  • We provide a competitive salary, excellent benefits and a good work/life balance.
More about why you should join us!

Additional information

Union: AFSCME
Grade: I
FLSA Status: Exempt
Safety Sensitive: No

What your work environment would be:
You would perform your work in a standard office setting. Work may sometimes require travel between your primary work site and other sites.

What steps the recruitment process involves:
1. We review your minimum qualifications.
2. We rate your education and experience.
3. We conduct a structured panel interview.
4. We conduct a selection interview.

Once you have successfully completed the steps above, then:

If you are new to the Metropolitan Council, you must pass a background check which verifies education, employment, and criminal history. A driving record check and/or physical may be conducted if applicable to the job. If you have a criminal conviction, you do not automatically fail. The Metropolitan Council considers felony, gross misdemeanor and misdemeanor convictions on a case-by-case basis, based on whether they are related to the job and whether the candidate has demonstrated adequate rehabilitation.

If you are already an employee of the Metropolitan Council, you must pass a criminal background check if the job you're applying for is safety sensitive, is a supervisory or management job, is in the Finance, Information Services, Audit, or Human Resources departments, or has access to financial records, files/databases, cash, vouchers or transit fare cards. A driving record check and/or physical may be conducted if applicable to the position.

Security Policy:

This position involves direct access to Criminal Justice Information (CJI) as defined by the FBI CJIS (Criminal Justice Information Services) Security Policy. In accordance with section 5.12.1.1 of the FBI CJIS Security Policy, final candidates must agree to submit to a state of residence and national fingerprint-based record check.

If the result of the record check reveals criminal convictions, the nature and circumstances of those convictions will be reviewed by the Metropolitan Transit Police Department and/or the Minnesota Bureau of Criminal Apprehension to determine if access to Criminal Justice Information would be permissible. If it is determined that access to Criminal Justice Information would not be permissible, the candidate will no longer be considered for the position.

IMPORTANT: If you make a false statement or withhold information, you may be barred from job consideration.

The Metropolitan Council is an Equal Opportunity, Affirmative Action, and veteran-friendly employer. The Council is committed to a workforce that reflects the diversity of the region and strongly encourages persons of color, members of the LGBTQ community, individuals with disabilities, women, and veterans to apply.

If you have a disability that requires accommodation during the selection process, please email HR-OCCHealth@metc.state.mn.us.


Applied = 0
MORE JOBS LIKE THIS

(web-86f5d9bb6b-4zvk8)