We are looking for a highly skilled and detail-oriented Firewall Repository Engineer to architect, implement, and maintain our client's custom firewall package repository. You'll help our client streamline their network appliance deployment workflows by hosting and distributing customized or internally approved packages, patches, and configurations and you'll be working for an US-based Internet Service Provider.
Responsibilities:
Design, build, and maintain an internal/private pkg repository (based on FreeBSD pkg system). Create custom firewall packages, plugins, or patched versions of existing ones. Automate repository updates, package signing, and testing using CI/CD pipelines. Maintain secure infrastructure for repository hosting (e.g., HTTPS, key management). Monitor and manage package versioning, dependencies, and compatibility. Build workflows to sync or mirror upstream repositories as needed. Work with network and security teams to align packages with organizational policies. Provide documentation and tooling for team members to use the custom repo easily.
Required Skills:
Strong Linux/Unix or BSD systems administration experience (FreeBSD preferred). Understanding of both firewall architecture and pkg(8) system.
Required Experience:
FreeBSD ports or pkg system Firewall plugin development (preferred) Creating custom packages (.txz or .pkg) Familiarity with web servers (nginx, Apache) for serving repos over HTTPS. Proficiency with scripting (shell, Python) and basic automation (cron, Makefiles). Understanding of cryptographic signing (e.g., pkg repo with -s key options). Git and CI/CD workflow familiarity (GitLab CI, GitHub Actions, Jenkins, etc.).
Preferred Qualifications (not mandatory):
Experience managing firewalls, routing, HA setups in production. Contributions to FreeBSD ports tree communities. Basic knowledge of network security and firewall concepts. Familiarity with tools like poudriere, pkg-create, or make package.