W1siziisimnvbxbpbgvkx3rozw1lx2fzc2v0cy9pc2nhcibbc3nvy2lhdgvzl2pwzy9iyw5uzxitzgvmyxvsdc1qb2iuanbnil1d

Network Palo Alto Engineer - REMOTE & INSIDE

  • Location:

    London, England

  • Sector:

    IT Security

  • Job type:

    Contract

  • Salary:

    £600 - £651 per day

  • Contact:

    Jack McLane

  • Contact email:

    jack.mclane@oscar-tech.com

  • Job ref:

    JML_1669119345

  • Published:

    15 days ago

  • Expiry date:

    2022-12-22

  • Startdate:

    ASAP

  • Consultant:

    Jack McLane

Network Palo Alto Engineer

INSIDE & REMOTE

My client, a Pharma Organisation, are looking for a Network Engineer with strong Palo Alto Firewall experience. The role is INSIDE or IR35 and Remote apart from the Cabling element of the role.

All expenses will be covered.

Below is some detail on the role.

Design (remote)

  • Review IT and OT networks/VLANs in customer environment
  • Identify in coordination with customer the IT and OT networks to be segmented
  • Design and plan the implementation of the Palo Alto PA 450 firewalls in the network
  • Create the Low-Level Design (LLD) as needed
  • Create the High-Level Design (HLD) as needed

Power/Rack/Cabling/Installation (onsite)

  • Onsite Technician will need to have console cable, hotspot & ability to connect to WebEx/Zoom/Teams without going through customer network if possible.
  • Ensure sufficient power and rack outlet capacity for HA firewalls
  • Review of available rack unit (RU) in existing racks to install new Palo 450 firewalls edge devices.
  • Review of infrastructure cabling, patch panel port availability and appropriate cable lengths.
  • Rack HA Pair of PA 450 firewalls
  • Cable PA 450 firewall interfaces for HA and to the assigned switchports for management, IT and OT networks.
  • Verify management interfaces have connectivity to Panorama and internet.
  • Verify SSH and HTTPS access to PA 450 firewalls

Implementation Tasks(remote)

  • Import PA 450 HA firewalls into Panorama
  • Configure Panorama network templates and template Stacks with the relevant information from HLD
  • Configure 2 security zones, one for IT and OT
  • Configure virtual router and relevant routing protocol determined in design session and HLD
  • Configure Panorama device groups with the relevant information from HLD
  • Configure Security Policy rules with an allow all rule set
  • Monitor traffic traversing the IT and OT security zones for two weeks and come up with locked down rule set of protocol, ports and services
  • Coordinate with customer to schedule an approved maintenance window to implement new locked down security policy rule set and remove allow all rule
  • Conduct full connectivity testing
  • Perform knowledge transfer to customer network engineering team

Oscar Technology is acting as an Employment Business in relation to this vacancy.

To understand more about what we do with your data please review our privacy policy in the privacy section of the Oscar website.