Cyber Security Network Firewall Administrator

POSITION SUMMARY

Salary

$100,000-$120,000

The Cyber Security Firewall Administrator is responsible for the deployment, configuration, and ongoing administration of firewall and remote access systems to safeguard the Chicago Transit Authority's networks from cyber threats. This role involves implementing and maintaining firewall and remote access/VPN rules and policies, monitoring traffic for unusual activity, analyzing logs, and responding to security events. The administrator works closely with IT and cyber security teams to ensure firewall and remote access/VPN configurations align with organizational security standards and regulatory requirements, supporting a secure and resilient network environment.

PRIMARY RESPONSIBILITIES

• Install, configure, and maintain enterprise firewall systems (e.g., Palo Alto, Cisco, Fortinet, Check Point).
• Create, modify, review, and optimize firewall rules for security and performance.
• Implement and update firewall rules and access control lists (ACLs) in accordance with security policies.
• Monitor and interpret firewall logs and alerts to detect, analyze, and respond to potential security incidents.
• Apply firmware updates and security patches to firewall systems to mitigate vulnerabilities.
• Diagnose connectivity issues, packet drops, and misconfigured policies.
• Troubleshoot firewall-related issues affecting network performance or connectivity.
• Document firewall architecture, configurations, change management activities, and
• Build and maintain IPsec and SSL VPNs, both site-to-site and client-based.
• Configure, deploy, and maintain Virtual Private Network (VPN) solutions (e.g., IPsec, SSL VPN, remote access, site-to-site).
• Implement and enforce security policies for Remote Access/VPN access in accordance with organizational standards.
• Manage Remote Access/VPN user access, including provisioning, deprovisioning, and authentication setting protocols such as LDAP, RADIUS, or SAML.
• Apply firmware updates and security patches to Remote Access/VPN appliances and associated infrastructure.
• Monitor Remote Access/VPN performance, availability, and usage to ensure secure and reliable connectivity.
• Integrate Remote Access/VPN solutions with identity and access management (IAM) systems and multi-factor authentication (MFA) like Duo, RSA SecurID, or Azure MFA.
• Troubleshoot Remote Access/VPN-related issues affecting remote users or inter-site communications.
• Maintain documentation of Remote Access/VPN architecture, configurations, changes, and procedures.
• Conduct regular audits of firewall and remote access/VPN configurations to ensure compliance with internal and regulatory standards.
• Researches and analyzes cyber security threat indicators and their behaviors for the prevention, detection, containment, and correction of security breaches, and recommends threat mitigation strategies.
• Assesses new security technologies to determine potential value for the enterprise.
• Performs related duties as assigned.

MANAGEMENT RESPONSIBILITIES

Reporting to this position are the following jobs:

Job Title

N/A

CHALLENGES

• Maintaining knowledge of current cyber technology tools, architectures, and trends in a rapidly changing field.
• Completing cyber activities requiring the assistance of other teams with competing priorities.

EDUCATION/EXPERIENCE REQUIREMENTS

Bachelor's degree in information security/cyber security, information technology, computer science or related field; including certifications such as Cisco Certified Specialist - Security Core, Cisco Certified Network Professional (CCNP) Security, Cisco Certified CyberOps Professional, or similar, and three to five years of experience in firewall administration or related position for large enterprises, or an equivalent combination of education certifications and experience related to the position.

PHYSICAL REQUIREMENTS

• Requires remaining in a stationary position for extended periods of time and constantly operating a computer.
• May be required to travel to various field locations.
• Must be able to lift, maneuver and carry material weight up to 50 pounds.

KNOWLEDGE, SKILLS, AND ABILITIES

• Be a proficient problem-solver that can work autonomously and with others.
• Knowledge of network applications and protocols, configuration, routers, logging, monitoring, administration.
• Knowledge of Syslog and SIEM principles, operations, configuration, and usage.
• Knowledge of operating systems such as Unix, Linux, Microsoft Windows, VMware and Cisco.
• Detailed knowledge of Command Line Interface syntax and use.
• Awareness of NIST, ISO 27001, PCI-DSS, HIPAA, or similar frameworks.
• Knowledge of encryption technology, tools, and techniques.
• Knowledge of certificate-based authentication, pre-shared keys, IKE/IPsec negotiation, and TLS.
• Knowledge of ACLs, security zones, policies, rule base configuration, and best practices.
• Knowledge of Defense-in-depth, zero trust, intrusion prevention, NAT, packet filtering, and stateful inspection.
• Ability to maintain absolute confidentiality of sensitive files, data and materials accessed, discussed, or observed, and while adhering to security policies and procedures.

WORKING CONDITIONS

• General office environment.
• May be required to travel to various field locations.
• Subject to various weather conditions when traveling to and from work locations.
• Subject to normal garage, shop, and terminal hazards such as noise, dust, grease, moving vehicles, etc. when working in bus/rail workshops, garages, and terminals.

EQUIPMENT, TOOLS, AND MATERIALS UTILIZED

• Personal computer and related software as needed.