Firewall Engineer

Welcome to ConocoPhillips, where innovation and excellence create a platform for opportunity and growth. Come realize your full potential here.

Who We Are

We are one of the world’s largest independent exploration and production companies, based on proved reserves and production of liquids and natural gas. With operations and activities in 13 countries, we explore for, develop, and produce crude oil and natural gas globally. We are challenged with an important job to safely find and deliver energy to the world. Our employees are critical to our success, and with them we power civilization.

We’re grounded by our SPIRIT Values – safety, people, integrity, responsibility, innovation, and teamwork. These values position us to deliver strong performance in a dynamic business – but not at all costs. We believe it’s not just what we do – it’s how we do it – that sets us apart.

We strive to make a significant difference in the communities where we live and operate. We create an inclusive environment that values all voices and opinions. Together, the different backgrounds, experiences, ideas, and perspectives of our employees drive our success.

Job Summary

Description

The Network Security team is responsible for ensuring secure and reliable connectivity within the ConocoPhillips network. The team manages a broad firewall environment to meet high standards for network security and performance. Network Security collaborates with many global teams to enable secure connectivity including Network Operations, IT Security, Cloud Enablement, and Industrial Control Systems (ICS) teams.

If you are selected as the Firewall Engineer, you will be responsible for day-to-day operations of the Palo Alto firewall environment and lead initiatives to further enhance network security. A primary focus will be to advance our Zero Trust/Micro-Segmentation strategy by deploying and handling Secure Access Service Edge (SASE), Cloud Access Security Brokers (CASB), and additional Next-Generation Firewalls (NGFW). A strong knowledge of network security principles combined with the ability to quickly adapt to increasing security requirements will be key for this role.

Job Description

Your responsibilities may include:

• Serve as subject matter expert in global enterprise Network Security, firewall management, and remote access
• Lead efforts to advance Zero Trust strategy across the global network
• Deploy and maintain modern security solutions including SASE, CASB, and NGFW
• Progress micro-segmentation in both corporate and OT networks
• Enable secure remote access from both corporate and personal devices
• Expand threat detection/prevention and Data Loss Prevention (DLP) capabilities
• Support secure growth of the AWS and Azure cloud environments
• Develop automation to improve security and efficiency
• Handle firewall policy and conduct periodic reviews to ensure compliance
• Ensure firewall security products (URL Filtering, Threat Prevention, SSL Decryption, DLP, VPN, etc.) are in alignment with current standards and processes
• Troubleshoot connectivity issues related to Network Security systems

Basic/Required:

• Must be legally authorized to work in the United States on a full-time basis for anyone other than current employer
• 1+ years of experience of firewall/network administration
• 1+ years of experience with scripting or programming paradigms
• Willing and able (with or without reasonable accommodations) to perform tasks outside normal business hours on a rotational callout basis

Preferred:

• Bachelor’s degree or higher in Computer Science, MIS, other related discipline, or foreign equivalent
• 5+ years of experience in Network Security, Networking, or IT Security
• 3+ years of experience with Palo Alto Firewalls
• 1+ years of experience with scripting languages and tools (Python, Ansible, and PowerShell)
• Advanced knowledge of network security concepts including Zero Trust and Micro-Segmentation
• Advanced proficiency in networking principles, routing, network design, and common network protocols
• Firewall policy lockdown and hardening experience
• Basic proficiency working with REST APIs
• Certifications: CISSP, PCNSE, PCNSA, CCNA, CCNP, or CCIE
• An excellent teammate with the ability to get results quickly and efficiently, both internally and with outside vendors
• Ability to rapidly develop a conceptual understanding of environments that are new to them and provide insight into the analysis of related events
• Ability to resolve technical issues with clients and systematically resolve interrelated network and application issues
• Delivers results through realistic planning to accomplish goals
• Builds effective solutions based on available information and makes timely decisions that are safe and ethical
• Listens actively and invites new ideas for exchanged opinions, then influences and acts to drive positive performance and achieve results

Apply Before: November 6, 2023

Sponsorship:

ConocoPhillips’ sponsorship for employment authorization in the U.S. is NOT available for this position.

EEO:

In the US, ConocoPhillips is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, disability, veteran status, gender identity or expression, genetic information, or any other legally protected status.