Cisco ASA Engineer

Job Title : Cisco ASA / Firepower Engineer

Location : [Insert Location]

Employment Type : [Full-time / Contract]

Job Overview :

We are seeking an experienced Cisco ASA / Firepower Engineer to design, implement, and manage enterprise firewall environments. The ideal candidate will have deep expertise in Cisco Firepower Management Center (FMC), Firepower Threat Defense (FTD), and Firepower Threat Defense Virtual (FTDv) solutions. This role focuses on maintaining a robust security posture through proactive threat detection, firewall optimization, and policy management in hybrid cloud and multi-tenant environments.

Key Responsibilities :

Configure, manage, and troubleshoot Cisco ASA, FMC, FTD, and FTDv environments.

Implement and manage VPNs, NAT policies, DMZ configurations, and application-layer controls.

Conduct firewall audits, cleanups, and rule optimizations to eliminate redundant or unused rules.

Use FireMon Policy Manager, Policy Planner, and Risk Analyzer for policy management, optimization, and risk assessment.

Troubleshoot firewall issues, including connectivity, misconfigurations, and performance bottlenecks, using logs, CLI, and packet captures.

Support leaf-and-spoke firewall architectures and multi-tenant setups for global scalability.

Develop and document firewall policies, procedures, and compliance-related configurations.

Assist with security audits and assessments to ensure adherence to organizational policies and industry standards.

Mentor and guide junior team members to enhance technical expertise.

Stay current with emerging threats, vulnerabilities, and security technologies to proactively improve security posture.

Required Qualifications :

Bachelor's degree in Computer Science, Information Technology, or a related field.

5+ years of hands-on experience managing Cisco ASA and Firepower solutions.

In-depth knowledge of Cisco Secure Firewall Threat Defense , malware protection, and firewall policy management.

Strong understanding of network security principles , compliance requirements, and hybrid cloud environments.

Proven experience with firewall rule audits, VPNs, NAT, and DMZ configurations .

Excellent troubleshooting, analytical, and documentation skills.

Ability to mentor and lead junior engineers.

Nice-to-Have :

Experience with Cisco Identity Services Engine (ISE) for network access control.

Knowledge of Cisco ACLs for enhanced network security.

Familiarity with Palo Alto firewalls .