NI
Lake St. Louis, Missouri, United States Yesterday Not disclosed
Linux Firewall Engineer Jobs
Firewall engineering on Linux spans kernel-level packet filtering with iptables and nftables, application-layer firewalls, cloud security groups, and next-generation firewall platforms. Linux firewall engineers design and implement network security policies, manage perimeter defences, and increasingly work with eBPF-based tools like Cilium for Kubernetes network security.
Miami, Florida, United States 2d ago Not disclosed
Melbourne, Victoria, Australia 5d ago Not disclosed
Indianapolis, Indiana, United States 5d ago Not disclosed
Reston, Virginia, United States 6d ago $146k – $194k
Hawthorne, California, United States 6d ago $110k – $190k
Remote, United States May 27 Not disclosed
Remote, United States May 27 Not disclosed
L
San Francisco, California, United States May 27 Not disclosed
ES
Chennai, Karnataka, India May 26 Not disclosed
Reston, Virginia, United States May 21 Not disclosed
Springfield, Virginia, United States May 21 Not disclosed
Great Lakes Region, Michigan, Illinois, Minnesota, Ohio, United States May 21 Not disclosed
Reston, Virginia, United States May 21 Not disclosed
Charlotte, North Carolina, United States May 21 Not disclosed
Miami, Florida, United States May 21 Not disclosed
Abu Dhabi, United Arab Emirates May 21 Not disclosed
Quantico, Virginia, United States May 21 Not disclosed
Washington D.C., District of Columbia, United States May 21 Not disclosed
San Jose, California, United States May 21 Not disclosed
Frequently Asked Questions
-
The core Linux firewall tools are iptables and its modern replacement nftables, both operating at the kernel netfilter layer. firewalld is the default management interface on RHEL and Fedora-family systems. UFW (Uncomplicated Firewall) is common on Ubuntu. In Kubernetes, Calico and Cilium provide network policy enforcement using eBPF and iptables respectively.
-
nftables is the official replacement for iptables in the Linux kernel, offering a cleaner syntax, better performance through set-based matching, and a unified framework for IPv4, IPv6, ARP, and bridge filtering. RHEL 8 and Ubuntu 20.04 ship nftables as the default backend. iptables remains widespread in legacy systems and older automation scripts.
-
Kubernetes network policy is enforced by CNI plugins running on Linux nodes. Calico uses iptables or eBPF, Cilium uses eBPF exclusively, and Flannel provides basic connectivity without network policy. In cloud environments, security groups at the VM level provide an additional perimeter around Kubernetes nodes. Firewall engineers in Kubernetes contexts work with both the CNI layer and cloud provider network security.
-
Linux firewall roles require deep knowledge of TCP/IP networking, iptables or nftables rule authoring, routing protocols, and network troubleshooting with tools like tcpdump, Wireshark, and ss. Experience with cloud security groups (AWS, GCP, Azure), VPN configuration, and increasingly eBPF for advanced packet processing is valued in senior positions.