Firewall Engineer (contract)
Wells Fargo · Irving, TX · 1 mo ago
Information TechnologyContract
Responsibilities
- Operate and mature a micro-segmentation platform (Illumio or equivalent SaaS-based solution)
- Manage agent lifecycle (e.g., VEN or equivalent) across: Windows, Linux, and future platforms (e.g., AIX)
- Support onboarding, migrations, and large-scale deployment efforts
- Design and implement least-privilege segmentation policies
- Transition safely from visibility mode to enforcement
- Prevent east-west (lateral) movement within environments while complementing north-south controls (firewalls/WAF)
- Apply workload labeling and policy modeling best practices
- Analyze traffic flow telemetry to validate policy accuracy and system health
- Use SIEM tools (e.g., Splunk preferred) for: baseline analysis, time-based investigations, distribution and anomaly detection, and troubleshoot telemetry ingestion pipelines and identify gaps or delays
- Lead incident response and escalation with segmentation platform vendors
- Partner with vendor engineering teams during: platform outages, capacity/scaling events, and data integrity concerns
- Work with Network Engineering, NOC/NMC, Security, and Application teams
- Cross-functional collaboration to coordinate change management and production deployments
- Communicate risks, impacts, and recommendations clearly across technical and business stakeholders
- Develop and maintain segmentation standards, baselines, and governance controls
- Ensure policies align with audit, compliance, and risk requirements
- Support certification of controls for critical systems (e.g., payment or regulated applications)
Qualifications
- Authorized to work for ANY employer in the U.S.
- Micro-Segmentation & Zero Trust: hands-on experience with workload-level segmentation and lateral movement prevention, proven ability to deploy and enforce policies safely in production environments
- Platform Experience: experience with Illumio or equivalent segmentation platforms, understanding of agents (e.g., VEN), SaaS policy engines, enforcement modes and migration strategies, comfortable engaging directly with vendor support/engineering teams
- Traffic Analysis & SIEM: strong experience using SIEM tools (Splunk preferred), deep understanding of telemetry pipelines and event ingestion, ability to distinguish between policy issues vs. platform constraints
- Infrastructure & Systems: strong fundamentals in Linux and Windows server environments, network flows and application dependencies, understanding of east/west vs. north/south traffic patterns, operational maturity experience with incident response and change management, ability to translate technical concepts into business and executive-level insights
- Communication Skills: ability to communicate risks, impacts, and recommendations clearly across technical and business stakeholders, strong collaboration and influencing skills across teams and vendors
- Technical Foundations: ~3+ years of experience in Network engineering / firewall engineering / security engineering, exposure to Python and/or Ansible for automation, ServiceNow (preferred for ticketing/change management), experience with Splunk logging and analytics, familiarity with cloud environments (Azure preferred) and IAM concepts (RBAC, SaaS auth), experience integrating telemetry into SIEM platforms, data lakes or automation pipelines, exposure to WAF (Web Application Firewalls), policy certification and audit traceability, background in regulated industries (banking, healthcare, government)