Work with Us. Change the World.

At AECOM, we're delivering a better world. Whether improving your commute, keeping the lights on, providing access to clean water, or transforming skylines, our work helps people and communities thrive. We are the world's trusted infrastructure consulting firm, partnering with clients to solve the world’s most complex challenges and build legacies for future generations.

There has never been a better time to be at AECOM. With accelerating infrastructure investment worldwide, our services are in great demand. We invite you to bring your bold ideas and big dreams and become part of a global team of over 50,000 planners, designers, engineers, scientists, digital innovators, program and construction managers and other professionals delivering projects that create a positive and tangible impact around the world.

We're one global team driven by our common purpose to deliver a better world. Join us.

We are seeking a skilled and motivated Firewall & Network Security Engineer with hands-on experience supporting Palo Alto Networks Next-Generation Firewalls (NGFWs) and Prisma Access to join our Cybersecurity Engineering department.

The successful candidate will collaborate closely with internal cybersecurity, infrastructure, and architecture teams, as well as an outsourced service provider, to ensure the secure design, implementation, and operation of firewall and network security technologies in a multi-datacenter, global enterprise environment supporting over 50,000 onsite and remote users.

The ideal candidate is comfortable operating firewall environments end-to-end, troubleshooting complex issues, and partnering across infrastructure and cloud teams to deliver secure, scalable solutions. This role offers opportunities for cross-training across other areas of the Cybersecurity Engineering department, enabling professional growth and broader exposure to enterprise security technologies. Experience across broader network and security disciplines, including routing, switching, and load balancers, is preferred.

This position offers flexibility for a hybrid work schedule, combining in-office and virtual work, and must be based in Dallas or Houston, TX.

Responsibilities:

• Own the firewall access request and approval process, including security and NAT policies and device configurations, while collaborating under the guidance of the senior Network Cybersecurity Engineer
• Design, implement, and manage security policies, including App-ID, User-ID, Content-ID, and URL filtering
• Manage the full firewall rule lifecycle, including creation, validation, optimization, cleanup, and periodic reviews
• Participate in device configuration and security reviews for firewalls to ensure alignment with security standards, best practices, and architectural requirements
• Lead the identification, assessment, and remediation of Palo Alto security advisories and vulnerabilities, ensuring network protection and compliance
• Oversee day-to-day firewall and network security operations in partnership with a third-party managed security service provider (MSSP), providing technical guidance, oversight, and escalation support as needed
• Partner with the IT Infrastructure networking team to strengthen security and operational processes across enterprise networking technologies, including F5 load balancers and Cisco routing and switching, ensuring alignment with security standards and best practices
• Provide subject matter expertise to the Cybersecurity Architecture team on the deployment of Palo Alto and other network devices
• Drive continuous improvements to processes, environments, and overall security posture, ensuring operational efficiency and risk reduction
• Participate in cross-training opportunities within the Cybersecurity Engineering department to develop broader skills across enterprise security technologies and network operations

Required Qualifications

• BA/BS degree plus at least 6 years of experience in IT security or a related field or demonstrated equivalency of experience and/or education
• Hands-on experience managing Palo Alto NGFWs, GlobalProtect, and Prisma Access in a centrally managed, enterprise environment
• Proven experience troubleshooting complex network/security incidents, including connectivity, performance, and policy issues
• Experience creating or enforcing firewall and network security policies at scale across multiple sites or geographies
• Strong analytical, problem-solving, and communication skills
• Ability to work independently while contributing effectively within a team environment

Preferred Qualifications

• Palo Alto Networks certifications (PCNSE, PCNSA)
• Broader networking experience beyond firewalls, including routing, switching, and load balancing fundamentals
• Experience with both Panorama and Strata Cloud Manager, including transition
• F5 BIG-IP certifications or hands-on experience managing load balancers
• Cisco certifications (CCNA, CCNP) or demonstrated expertise in enterprise routing/switching
• Experience with secure network segmentation and micro-segmentation in enterprise environments
• Familiarity with cloud security services (e.g., AWS Security Groups, Azure NSG, Prisma Cloud) and cloud-native firewall integration

• Sponsorship for US work authorization is not available for this position, now or in the future
• Relocation assistance is not available for this position

About AECOM 

AECOM is proud to offer comprehensive benefits to meet the diverse needs of our employees. Depending on your employment status, AECOM benefits may include medical, dental, vision, life, AD&D, disability benefits, paid time off, leaves of absences, voluntary benefits, perks, flexible work options, well-being resources, employee assistance program, business travel insurance, service recognition awards, retirement savings plan, and employee stock purchase plan. 

AECOM is the global infrastructure leader, committed to delivering a better world. As a trusted professional services firm powered by deep technical abilities, we solve our clients’ complex challenges in water, environment, energy, transportation and buildings. Our teams partner with public- and private-sector clients to create innovative, sustainable and resilient solutions throughout the project lifecycle – from advisory, planning, design and engineering to program and construction management. AECOM is a Fortune 500 firm that had revenue of $16.1 billion in fiscal year 2025. Learn more at aecom.com. 

What makes AECOM a great place to work 

You will be part of a global team that champions your growth and career ambitions. Work on groundbreaking projects - both in your local community and on a global scale - that are transforming our industry and shaping the future. With cutting-edge technology and a network of experts, you’ll have the resources to make a real impact. Our award-winning training and development programs are designed to expand your technical expertise and leadership skills, helping you build the career you’ve always envisioned. Here, you’ll find a welcoming workplace built on respect, collaboration and community—where you have the freedom to grow in a world of opportunity. 

As an Equal Opportunity Employer, we believe in your potential and are here to help you achieve it. All your information will be kept confidential according to EEO guidelines.