Firewall Administration & Security Specialist

Project Summary:

We are seeking an expert Firewall Administrator to perform a comprehensive security audit and overhaul of our network perimeter. This project is a critical initiative to enhance our defenses, streamline our firewall policies, and establish a robust, proactive security posture against modern threats.

The Business Imperative & Our Security Challenges:

Our current network security is not meeting the demands of our growing business. We are facing several critical challenges that must be addressed:

• Complex & Unmanaged Rulebase: Our firewall rule set has become overly complex and lacks proper documentation, making it difficult to manage and prone to errors.
• Lack of Proactive Threat Hunting: We are in a reactive security stance, relying on alerts rather than actively searching for and neutralizing potential threats.
• Suboptimal VPN Performance: Our remote access and site-to-site VPNs are unreliable and slow, hindering business operations and frustrating our remote teams.
• Compliance Gaps: We lack the detailed logging and auditing capabilities necessary to easily meet our industry's compliance standards.

Required Expertise & Technical Skills:

We require a specialist with deep, hands-on experience and a strategic mindset. The ideal candidate must possess:

• Core Firewall Platforms: Proven expertise with one or more of the following: Palo Alto Networks, Fortinet, or Cisco ASA/Firepower.
• Security & Networking Concepts: A deep understanding of network security principles, including Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), and security policy lifecycle management.
• VPN Technologies: In-depth knowledge of IPsec and SSL VPNs for both remote user access and site-to-site connectivity.
• Proactive Threat Management: Experience with vulnerability assessments, threat analysis, and implementing proactive security measures.
• Compliance & Documentation: The ability to implement and document configurations that align with major compliance frameworks.

Scope of Work & Key Deliverables:

The project will involve a full-scale audit and implementation plan, culminating in a hardened and optimized network perimeter. Key deliverables include:

• A comprehensive security audit report detailing current vulnerabilities and risks.
• A simplified and optimized firewall rule base, with clear documentation for each policy.
• A fully configured and documented VPN solution.
• A new logging and monitoring strategy to enhance threat visibility.
• A final report outlining all changes and recommendations for ongoing maintenance.

Support & Post-Project Expectations:

Beyond the project's completion, we expect a final knowledge transfer session with our internal team. This session should cover the new configurations, security policies, and best practices for ongoing firewall management. We also require a commitment to providing 1-2 weeks of post-project email support to address any unforeseen issues or questions that arise from the implementation.