Network Security Engineer IV

9 Hours ago • 10-16 Years • Cyber Security

Job Summary

Job Description

We are seeking a highly skilled L4 Network Security Engineer/ Lead Engineer to lead migration planning and execution for the End Of Life (EOL) replacement of legacy Cisco ASA firewalls with Cisco Firepower and Palo Alto Networks Next-Generation Firewalls (NGFWs). This role requires deep hands-on expertise, the ability to mentor junior engineers, drive automation efforts, and design scalable, secure migration workflows. Key responsibilities include end-to-end planning and execution of ASA to Firepower and Palo Alto migrations, designing migration workflows, HA topology, and optimizing policy conversion strategy. Perform or oversee configuration conversion from ASA to Palo Alto and Cisco Firepower. Design, test, and validate VPNs (IPSec/SSL), NAT policies, dynamic routing, and IPS/IDS profiles. Collaborate with enterprise architects, operations, and product teams for successful delivery, guiding L3 teams, reviewing configurations, and troubleshooting complex post-migration issues.
Must have:
  • Deep hands-on knowledge in Cisco ASA, Cisco Firepower/FTD
  • Palo Alto NGFW (VSYS, Panorama, Expedition, Migration Manager)
  • Strong command of Cisco ASA ACL, VPN, AnyConnect, HA, NAT, Policy Management
  • Strong command of Palo Alto VPN, Global Protect, HA, NAT, Security Policy
  • Routing protocols (Static, OSPF, BGP) and switching fundamentals
  • Policy migration planning, zero-touch deployment
  • Config conversion tools and scripting (Python preferred)
  • Multi-vendor firewall strategy and enterprise segmentation
  • Strong understanding of HA, software upgrade, rollback
  • Sound knowledge of L3 routing and switching concepts
Good to have:
  • Cisco certifications: CCIE Security/ CCNP Security/ CCNP R&S
  • Palo Alto certifications: PCNSA/PCNSE

Job Details

Job Title – Network Security Engineer-IV
 
Location: Remote
Experience: 10–16 years
Project: Cisco ASA to Palo Alto / Firepower EOL Migration
Job Type: Full-time


Role Overview:
  • We are seeking a highly skilled L4 Network Security Engineer/ Lead Engineer to lead migration planning and execution for the EOL replacement of legacy Cisco ASA firewalls (5508,5525,5545,5555 etc.) with Cisco Firepower and Palo Alto Networks NGFWs. This role requires deep hands-on expertise as well as the ability to mentor junior engineers, drive automation efforts, and design scalable, secure migration workflows.


Key Responsibilities:
  • Lead end-to-end planning and execution of ASA to Firepower and Palo Alto migrations.
  • Design migration workflows, HA topology, and optimize policy conversion strategy.
  • Perform or oversee conversion of configurations:
  • ASA → Palo Alto (1410 VSYS, 1410 Single Tenant & VM-Series)
  • ASA → Cisco Firepower with ASA Code or FTD
  • Design, test, and validate:
  • VPNs (IPSec/SSL), NAT policies,dynamic routing, IPS/IDS profiles
  • Collaborate with enterprise architects, operations, and product teams for successful delivery.
  • Strong knowledge of change/Incident management process.
  • Guide L3 teams in execution, review configurations and scripts.
  • Troubleshoot complex post-migration issues.
  • Track project milestones and ensure documentation compliance.


Must-Have Skills:
  • Deep hands-on knowledge in:
  • Cisco ASA, Cisco Firepower/FTD
  • Palo Alto NGFW (VSYS, Panorama,Expedition, Migration Manager)
  • Strong command of:
  • Cisco ASA- ACL, VPN setup (IPSec/SSL), AnyConnect, HA Setup, NAT, Policy Management, OS Upgrade.
  • Palo Alto- VPN setup (IPSec/SSL),Global protect, HA Setup, NAT, Security Policy Management, PANOS Upgrade.
  • Routing protocols (Static, OSPF,BGP) and switching fundamentals
  • Policy migration planning,zero-touch deployment models
  • Config conversion tools and scripting (Expedition, Python preferred)
  • Experience in multi-vendor firewall strategy and enterprise segmentation
  • Strong understanding of HA configurations, software upgrade planning, and rollback scenarios
  • Sound knowledge of L3 routing (Static, OSPF, BGP) and switching concepts.


Soft Skills & Professional Attributes:
  • Excellent interpersonal and communication skills – able to clearly articulate ideas, processes, and technical concepts to both technical and non-technical audiences.
  • Strong documentation abilities – capable of creating and maintaining clear, concise technical documentation and procedures.
  • Flexible, proactive, and self-driven – demonstrates initiative, reliability, and adaptability in dynamic environments.


Preferred Certifications:
  • Cisco Certifications: CCIE Security/ CCNP Security/ CCNP R&S
  • Palo Alto Certifications: PCNSA/PCNSE 


Similar Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Similar Skill Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Jobs in Gurugram, Haryana, India

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Cyber Security Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

About The Company

United States (Hybrid)

Gurugram, Haryana, India (Remote)

Gurugram, Haryana, India (Remote)

Riyadh, Riyadh Province, Saudi Arabia (On-Site)

India (Remote)

San Antonio, Texas, United States (Hybrid)

San Antonio, Texas, United States (Remote)

San Antonio, Texas, United States (Hybrid)

View All Jobs

Get notified when new jobs are added by Rackspace Technology

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug