Firewall Designer

  • Location

    Ipswich, Suffolk

  • Sector:


  • Job type:


  • Salary:


  • Contact:

    Kate Smith

  • Contact email:

  • Job ref:


  • Published:

    5 months ago

  • Duration:

    3+ Months

  • Expiry date:


  • Start date:


Firewall Designer- Ipswich- 3+ Months.

Candidates should hold SC clearance or be eligible and willing to undergo the process.

Key purpose of the role:

  • Firewall Designer required on the Public Sector Networks (PSN) / Shared Services Platform (SSP) to lead design, development and support at a technical level on a range of platform and secure communications solutions. A detailed understanding of Cisco and Palo Alto firewalls is a minimum, with experience of supporting and troubleshooting complex network deployments. Candidates will ideally have exposure to other data centre disciplines such as Cisco routing and switching and VMware ESX networking and design. Cisco CCNP Security and Palo Alto PCNSE certification is desirable. Server experience, Microsoft and Linux, is also desirable.
  • This is principally a paper based design role and although it includes access to devices, it is not predominantly hands-on.

    The role will involve:

    • requirements capturing and production of the resulting detailed design of Firewalls and Security Enforcing solutions
    • Network security platform experience across a wide range of manufacturers - Design and Implementation of Cisco ASA and Palo Alto Policies, but also include other network technologies related to secure remote access, encryption and load-balancing
    • A background in HMG and Official Sensitive networks and security is desirable but not essential
    • Being focused on delivering tangible design outcomes within agreed timescales
    • Having a proactive behaviour and being capable of shouldering a technical responsibility consistent with the STST04 grade
    • The LAN design aspect of this role is centred upon multi-layer switched Cisco and Nexus networks, supporting a collection of systems such as OSS, IPT, RAS and management servers. LAN design skills, including DMZ Security Boundaries
    • Knowledge of IPS / IDS, Content inspection and Proxy systems

    All of the above needs to be managed with appropriate adherence to the security requirements of the programme and with minimal disruption to existing in-life operations.