Palo Alto Network Security Engineer - Hybrid Role in Baltimore, MD
Booker DiMaio
Full-time
On-site
Baltimore, Maryland, United States
Cybersecurity
This is a hybrid role in Baltimore, MD.
US Citizenship or a Green Card is required.
Candidates must be able to interview in person.
Booker DiMaio is seeking a Senior Palo Alto Network Security Engineer to support enterprise firewall operations for the State of Maryland. This role will provide configuration, administration, optimization, and lifecycle management of Palo Alto Networks firewalls within a statewide, mission-critical network environment.
US Citizenship or a Green Card is required.
Candidates must be able to interview in person.
Booker DiMaio is seeking a Senior Palo Alto Network Security Engineer to support enterprise firewall operations for the State of Maryland. This role will provide configuration, administration, optimization, and lifecycle management of Palo Alto Networks firewalls within a statewide, mission-critical network environment.
Key Responsibilities
Enterprise Firewall Operations
- Configure, administer, and maintain Palo Alto Networks firewalls in a large-scale enterprise environment
- Manage and optimize security policies (App-ID, User-ID, NAT, Zone Protection, Threat Prevention profiles)
- Implement firewall rule changes in accordance with change management processes
- Troubleshoot connectivity, routing, and security policy issues
Panorama & Centralized Management
- Manage firewalls using Palo Alto Panorama
- Maintain device groups, templates, and configuration baselines
- Validate policy synchronization across high-availability pairs
Security & Compliance
- Monitor firewall logs and security events
- Integrate firewall logging with SIEM platforms
- Support audit documentation and compliance reporting
- Perform firmware upgrades (PAN-OS) and vulnerability patching
- Validate high availability (HA) configurations and failover processes
Incident Response & Escalation
- Support security incident investigations
- Provide root cause analysis for firewall-related outages or threats
- Coordinate with NOC and Security Operations teams
Change & Lifecycle Management
- Participate in change advisory board (CAB) processes
- Develop and maintain firewall documentation
- Conduct impact assessments prior to firewall updates
- Support transition-in activities as required
Required Qualifications
- Minimum 5–7 years of enterprise firewall engineering experience
- Minimum 3+ years of hands-on experience with Palo Alto Networks firewalls
- Demonstrated experience managing firewalls in a multi-site or enterprise-scale environment
Experience with:
- Panorama centralized management
- High Availability (Active/Passive configurations)
- Security policy engineering and rule optimization
- NAT and routing integration
- Threat Prevention and URL filtering profiles
Experience performing PAN-OS upgrades and firmware lifecycle management
Strong understanding of:
- TCP/IP, BGP, OSPF, VLANs, routing fundamentals
- Network segmentation and security zoning
Experience working within structured change management environments
Preferred Qualifications
- PCNSE (Palo Alto Certified Network Security Engineer) – Strongly Preferred
- PCNSA certification
- Experience supporting public sector or government enterprise networks
- Experience integrating Palo Alto firewalls with SIEM platforms (e.g., Splunk, QRadar)
- Experience in 24x7 NOC/SOC-supported environments
Soft Skills
- Strong documentation and communication skills
- Ability to work in a team-based NOC / Network Engineering environment
- Experience supporting enterprise stakeholders and cross-agency coordination
- Ability to operate within structured SLA-driven environments