Lead Engineer - CFM (Central Infra Services)

Position Overview

 The Lead Engineer will be responsible for managing the health, performance, and scalability of the Algosec suite, driving firewall governance and compliance, and leading the design and implementation of automation workflows to streamline firewall operations.

Role & Responsibilities

Algosec Infrastructure & Tooling Management (20%)

• Serve as the lead, primary administrator and subject matter expert for the Algosec platform.
• Manage the health, performance, scalability, and integration of the Algosec suite (Firewall Analyzer, FireFlow).
• Develop and maintain custom reports, workflows, and policies within Algosec to meet compliance and operational needs.
• Troubleshoot complex issues and coordinate with vendor support as needed.

Central Firewall Governance, Compliance & Reporting (20%)

• Establish and enforce global firewall security standards, hardening baselines, and configuration compliance policies.
• Conduct regular security posture reviews and risk assessments of the firewall rule base using Algosec and other tools.
• Lead the periodic firewall policy review and recertification process, ensuring timely cleanup and risk mitigation.
• Govern firewall operations across multiple vendors (e.g., Check Point, Palo Alto, Fortinet) from a central policy perspective.
• Provide Monthly Performance & Governance Reporting: Develop and distribute comprehensive monthly reports on key metrics, including:
• Firewall policy compliance status and drift.
• Risk exposure metrics (e.g., number of overly permissive rules, shadowed rules).
• Clean-up progress and recertification status.
• Volume and type of firewall changes processed.
• Performance and availability of the Algosec platform.

Firewall Automation & Integration (50%)

• Design & Execution: Architect, code, and implement automation workflows for firewall policy changes, risk analysis, and compliance auditing.
• Integration: Develop and maintain deep integrations between Algosec, ServiceNow (for ticketing and catalog items), IPAM systems (e.g., Infoblox), and the firewalls themselves via APIs.
• Self-Service: Create user-friendly, automated service request catalogs in ServiceNow for common firewall change requests (e.g., open port, add NAT).
• Metrics & Improvement: Track and report on automation metrics. Own the goal of automating 80% of all firewall service requests and continuously identify new areas for automation.
• Zero Ops Strategy: Actively contribute to and execute the long-term strategy to achieve a zero-operations model for routine firewall tasks.

Service Request Fulfilment & Operational Excellence (10%)

• Review, analyze, and execute complex firewall change requests, ensuring they meet security policy and best practices.
• Serve as an escalation point for troubleshooting failed automation or complex network connectivity issues.
• Document processes, standards, and automation designs for knowledge sharing and operational consistency.

Requirements

• Bachelor’s degree in Computer Science, Information Technology, or a related field.
• Minimum 8 years' experience in network security engineering, with a focus on firewall management and administration.
• Proven expertise in managing and administering Algosec platform components (Firewall Analyzer, FireFlow).
• Strong knowledge of firewall technologies and vendors including Check Point, Palo Alto, and Fortinet.
• Hands-on experience in designing, developing, and deploying automation workflows using scripting and API integrations

Apply Now

NOTE: It only takes a few minutes to apply for a meaningful career in HealthTech - GO FOR IT!!