Lead Infrastructure Engineer - Tier 4/Palo Alto/Fortinet
Company: JPMorganChase
Location: Wilmington
Posted on: April 2, 2026
|
|
|
Job Description:
Description Assume a vital position as a key member of a
high-performing team that delivers infrastructure and performance
excellence. Your role will be instrumental in shaping the future at
one of the world's largest and most influential companies. As a
Lead Infrastructure Engineer - Tier 4/Palo Alto/Fortinet at
JPMorgan Chase within the Infrastructure Platform (IP) Compute
Platform Network Services (CPNS), you apply deep knowledge of
software, applications, and technical processes within the
infrastructure engineering discipline. Continue to evolve your
technical and cross-functional knowledge outside of your aligned
domain of expertise. The Firewall Engineer will be responsible for
designing, implementing, and governing enterprise firewall and
network segmentation architectures that protect critical assets
across on-premises, cloud, and hybrid environments. This role leads
standards development, solution selection, deployment patterns, and
automation practices to ensure scalable, resilient, and compliant
security controls aligned to Zero Trust principles and business
objectives. Job Responsibilities Define enterprise firewall
reference architectures, segmentation models, and policy frameworks
across data centers, branches, and cloud, aligned to Zero Trust and
least?privilege principles. Design highly available, scalable NGFW
deployments including clustering, load balancing, dynamic routing,
NAT, TLS/SSL decryption, and application?layer controls for
north?south and east?west traffic. Develop hybrid and multi?cloud
patterns (AWS, Azure, GCP) using cloud?native controls (e.g.,
Security Groups/NACLs, AWS Network Firewall, Azure Firewall, GCP
VPC rules) and virtual NGFWs; integrate with SD?WAN where
applicable. Establish policy standards, naming conventions, and
rule lifecycle processes (request, review, approval,
attestation/recertification, decommission) mapped to NIST CSF, ISO
27001, PCI DSS, and regional requirements. Create and maintain
architecture blueprints, patterns, runbooks, and decision records;
lead design reviews and change advisory for firewall changes. Lead
deployments, upgrades, and migrations across Palo Alto and Fortinet
platforms; drive consolidation and rationalization programs. Build
Infrastructure?as?Code and automation (Terraform, Ansible, Python)
for provisioning, policy updates, pre?change validation, drift
detection, and compliance checks; integrate with CI/CD pipelines.
Define logging, telemetry, and alerting standards; integrate
firewall events with SIEM and SOAR for detection and response.
Partner with Network and SOC teams to optimize performance, reduce
rule?set complexity, and remediate misconfigurations; maintain
health dashboards and SLOs for clusters, sessions, throughput, and
latency; Conduct periodic rule reviews, risk assessments, and
attestations; enforce least?privilege access and manage exceptions
with traceability. Support audits and regulatory examinations with
control narratives and evidence; provide continuous compliance
reporting and drive findings to closure within SLAs; Provide Tier
3/architectural escalation during incidents; lead root?cause
analysis; design and test failover, backup/restore, and disaster
recovery strategies for firewall configuration and state. Translate
business and application requirements into secure connectivity
solutions and standardized segmentation patterns; Evaluate vendor
capabilities, influence product roadmaps, and manage lifecycle and
cost/risk trade?offs. Required qualifications, capabilities, and
skills Formal training or certification on software engineering
concepts and 5 years applied experience Proven experience with
next?generation firewalls, IDS/IPS, and segmentation; deep hands?on
with Palo Alto and/or Fortinet; exposure to Check Point/Cisco.
Strong networking expertise: TCP/IP, BGP/OSPF, VLANs, NAT,
IPSec/SSL VPN, SD?WAN; practical TLS/SSL decryption strategies and
operations. Experience with at least one public cloud (AWS, Azure,
or GCP) and cloud?native network security controls. Proficiency
with IaC and automation (Terraform, Ansible, Python) and
configuration management workflows; guardrail and validation
integration into CI/CD. Familiarity with SIEM/SOAR integrations,
logging taxonomy, and event correlation for firewall telemetry.
Working knowledge of security frameworks and standards (NIST CSF,
ISO 27001, PCI DSS; industry?specific as applicable). Excellent
communication and documentation skills; ability to lead
cross?functional reviews. Preferred qualifications, capabilities,
and skills Experience implementing Zero Trust architectures,
microsegmentation (host?based or SDN), and SASE/ZTNA solutions.
Background with cloud?native controls and virtual NGFWs across AWS,
Azure, and GCP. Exposure to SDN (e.g., NSX?T) and network policy
orchestration. Performance tuning and capacity planning for
high?throughput, low?latency environments. Leadership of
large?scale firewall migrations or platform consolidation
programs.
Keywords: JPMorganChase, Wilmington , Lead Infrastructure Engineer - Tier 4/Palo Alto/Fortinet, IT / Software / Systems , Wilmington, North Carolina
