Our client is undertaking a multi-location modernization and migration initiative involving the transition from legacy systems to a more complex environment utilizing a unified Palo Alto Networks platform integrated with Panorama. We are seeking a highly experienced Firewall Consultant with deep Palo Alto expertise and strong network engineering capabilities to support this effort in collaboration with our client, which has teams at various locations. Location: NYC - Hybrid: You will need to be onsite approximately 2 times per week at various client locations across NYC. In addition, there will be night and weekend work to support the implementation. Job Duties
- Provide subject matter expertise (SME) in Palo Alto firewall technologies, including Panorama, App-ID, User-ID, threat prevention, and global protect VPN.
- Review and validate current firewall configurations, security policies, NAT rules, and routing across various locations.
- Design and implement optimized Palo Alto firewall policies aligned with security best practices and institutional requirements.
- Collaborate with network leads at the various locations to plan and execute firewall migrations, including cutover planning and rollback procedures.
- Analyze and translate existing firewall rulesets to Palo Alto syntax and logic.
- Conduct pre-migration assessments, gap analysis, and post-migration validation and testing.
- Assist in developing and refining Method of Procedures (MOPs), migration playbooks, and standard operating procedures (SOPs).
- Participate in troubleshooting, root cause analysis, and resolution of complex network or firewall-related issues.
- Support knowledge transfer and mentoring of internal technical staff.
Qualifications
- 10+ years of experience in enterprise network engineering and firewall administration.
- 5+ years of hands-on experience with Palo Alto Networks firewalls, including centralized management with Panorama.
- Proven experience in complex firewall migrations, security policy design, and rulebase optimization.
- Strong background in Layer 2/3 networking, VLANs, routing protocols (OSPF, BGP), NAT, VPNs, and high availability configurations.
- Familiarity with security best practices (NIST, CIS Benchmarks) and modern threat prevention mechanisms.
- Experience with packet capture analysis, log correlation, and advanced troubleshooting techniques.
- Excellent communication, documentation, and collaboration skills.
- Palo Alto certifications preferred (PCNSE, PSE, or equivalent).
- Bachelor's degree.
- A minimum of 15+ years of related experience.
- 2+ years of supervisory experience OR 5+ years of program/project management experience
Hourly Rate Range: $95.00 - $115.00 Garnet RiverĀ® is a full-service information technology company that customizes solutions for its clients. We solve challenges through staff augmentation, project-based teams and technical solutions. Our staffing division works as a recruiting arm for companies in the region and across the country. Clients turn to us to help them find professional talent. Garnet River LLC is an Equal Employment opportunity/Affirmative Action (EEO/AA) employer. Minorities/Female/Disabled/Veteran (M/F/D/V)