Network Security Specialist

Job Title:  Network Security Specialist (Cisco ASA/ Fortinet/Palo Alto)

Location: [Specify Location – Downton NYC, can request hybrid on demand]

Job Type: C2C

Experience Level: 8-10 Years

About Us: ByteBridge is a comprehensive IT consulting LLC dedicated to empowering businesses with strategic solutions across IT infrastructure, custom software development, and Artificial Intelligence. We deliver integrated expertise in web design, product innovation, strategic technology sales, and machine learning to drive efficiency, growth, and competitive advantage for our clients.”

Job Summary: We are seeking a 5 to10 years experienced and technically proficient  Firewall  Engineer to lead and execute complex firewall design and migration projects. The ideal candidate will possess 5-10 years of hands-on experience in network security, with a strong emphasis on migrating existing Cisco ASA firewall configurations to modern Fortinet FortiGate or Palo Alto Networks platforms. This role requires deep technical expertise, meticulous planning, excellent problem-solving skills, and the ability to work independently and collaboratively within a project-oriented environment.

Key Responsibilities:

Migration Planning & Strategy:

Develop comprehensive migration strategies, methodologies, and detailed project plans for transitioning from Cisco ASA to Fortinet FortiGate or Palo Alto Networks firewalls.

Conduct thorough assessments of existing Cisco ASA environments, including rulebases, NAT policies, VPNs, routing, and high-availability configurations.

Identify and document potential risks, challenges, and dependencies associated with migrations.

Configuration & Implementation:

Design, configure, and implement new Fortinet FortiGate or Palo Alto Networks firewall solutions, ensuring optimal performance, security, and compliance.

Translate and convert complex Cisco ASA configurations (ACLs, NAT, VPNs, routing protocols, object groups, service groups) into equivalent Fortinet or Palo Alto syntax and best practices.

Implement advanced features such as application control, intrusion prevention (IPS), URL filtering, SSL decryption, and SD-WAN capabilities on target platforms.

Configure site-to-site VPNs, remote access VPNs, and integration with identity management systems (e.g., LDAP, RADIUS, SAML).

Testing & Validation:

Develop and execute comprehensive testing plans to validate migrated configurations, ensuring full functionality and security posture post-migration.

Perform pre-and post-migration network health checks and performance monitoring.

Troubleshoot and resolve any issues arising during migration, testing, or post-cutover phases.

Documentation & Reporting:

Create and maintain detailed documentation of network diagrams, configurations, migration steps, and post-migration validation results.

Provide regular status updates and technical reports to project managers and stakeholders.

Collaboration & Support:

Work closely with network architects, security teams, system administrators, and other stakeholders to ensure seamless integration and minimal disruption during migrations.

Provide knowledge transfer and training to operations teams on new firewall platforms as needed.

Stay abreast of the latest security threats, technologies, and best practices related to Fortinet, Palo Alto, and Cisco ASA.

Required Qualifications:

Experience: 5-10 years of hands-on experience in network security engineering, specifically with firewall design, implementation, and migration.

Cisco ASA Expertise:

In-depth knowledge and hands-on experience with Cisco ASA firewalls (5500-X series preferred), including:

Security contexts (multi-context mode)

Access Control Lists (ACLs) and Object Groups

Network Address Translation (NAT) – Static, Dynamic, Twice NAT

IPsec VPN (Site-to-Site, Remote Access – AnyConnect)

High Availability (Active/Standby, Active/Active)

Routing protocols (OSPF, BGP, Static)

Modular Policy Framework (MPF)

Packet Tracer and troubleshooting tools.
Target Platform Expertise (One or both are essential):

Fortinet FortiGate: Strong experience with FortiManager, FortiAnalyzer, Policy & Objects, NAT, VPNs, Security Profiles (IPS, AV, Web Filter, Application Control), SD-WAN, VDOMs, CLI, and FortiOS.

Palo Alto Networks: Strong experience with Panorama, Security Policies, NAT, VPNs, App-ID, Content-ID, User-ID, URL Filtering, Threat Prevention, WildFire, GlobalProtect, Virtual Systems, and PAN-OS.

Migration Tools & Methodologies: Experience with firewall migration tools (e.g., Palo Alto Expedition, FortiConverter, or other third-party tools) and a strong understanding of migration best practices.

Networking Fundamentals: Solid understanding of TCP/IP, routing protocols (OSPF, BGP), switching, VLANs, and general network architecture.

Operating Systems: Familiarity with Linux/Unix command line and Windows Server environments.

Problem-Solving: Excellent analytical, troubleshooting, and problem-solving skills with a methodical approach.

Communication: Strong verbal and written communication skills, with the ability to articulate complex technical concepts to both technical and non-technical audiences.

Project Management: Ability to manage multiple tasks, prioritize effectively, and meet project deadlines.

Certifications (Preferred, but not required):

Cisco CCNP Security, CCIE Security (written/lab)

Fortinet NSE4, NSE5, NSE7, NSE8

Palo Alto Networks PCNSA, PCNSE

Education:

Bachelor’s degree in Computer Science, Information Technology, or a related field, or equivalent practical experience.

Email your resume and status to info@bytebridgeai.io