Firewall / Security Architect (FortiGate Expert)

Who we are

Technuf, LLC is a Maryland based SBA certified 8(a) small business company providing leading-edge and proven technologies, industry vertical domain expertise and highly skilled and motivated professionals to achieve our customers’ mission critical business needs.

What we’re looking for

Technuf is seeking a skilled and experienced Firewall / Security Architect.

Job Description

We are seeking a highly skilled Firewall / Security Architect (FortiGate Expert) to design, implement, and manage our enterprise security infrastructure. This role will serve as the technical authority for Fortinet technologies, Microsoft Defender XDR, vulnerability management, and security operations coordination with our vCISO and 24x7 SOC partner. The ideal candidate combines deep hands-on engineering expertise with strong collaboration, analysis, and security leadership skills.

Responsibilities

• Design, engineer, configure, and maintain all FortiGate clusters, SD-WAN policies, segmentation VDOMs, VPNs, and security inspection profiles.
• Maintain FortiGate policies and logging using FortiManager, and provide security analyst recommendations based on findings using FortiAnalyzer.
• Lead quarterly rulebase reviews and ensure high-availability design resilience across both data centers.
• Work with vCISO and SOC on architecture, threat mitigation, and compliance alignment.
• Coordinate with vCISO and SOC for incident response.
• Support annual security audits and risk reviews.
• Enforce endpoint security via Microsoft Defender for Endpoint and network access with Extreme XIQ-SE Control and Aruba ClearPass NAC.
• Manage setup, servicing, and deployment of Microsoft Defender XDR and its suite of products.
• Perform daily security analysis, communication, and capacity building with internal BPS device management staff.
• Lead vulnerability management, cybersecurity integration, and coordination/support with vCISO.
• Serve as the primary point of contact for outside vendors providing 24x7x365 SOC services for severity 1 and 2 incidents/events.
• Actively perform regular vulnerability scans using Tenable Nessus Scanner and Microsoft Defender Vulnerability Management.
• Act upon security consultant and SOC recommendations to enact changes within the Microsoft Defender XDR suite, including conditional access policies and Microsoft Sentinel review, and act as the primary interface for the SOC vendor and ticketing system.
• Manage content filtering infrastructure and agents for LightSpeed or alternate solutions.
• Work with and train internal BPS security support staff and vendors to achieve best practices in risk assessment and testing.

Requirements

• Proven hands-on experience as a Firewall Engineer, Security Architect, or Network Security Engineer with deep expertise in FortiGate environments.
• Strong experience with Fortinet NSE 5–7, Advanced SD-WAN, and IPS/IDS.
• Familiarity with NIST CSF and ITIL v4.
• Strong analytical, documentation, and communication skills.
• Ability to work collaboratively across technical and non-technical teams.

Education

Bachelor’s degree from an accredited college or university.

Interviews

Please note that both remote and in-person interviews may be required for this opportunity.

Location

This is a remote position based in Buffalo, NY.