Design, implement, operate, and support enterprise network security solutions across traditional, virtualized, and cloud environments, including routing, switching, segmentation, and traffic filtering technologies.
Serve as a subject matter expert for network security technologies, including firewalls, remote access solutions, IPSec VPNs, IDS/IPS, web application firewalls, proxies, DLP, CASB, NAC, micro-segmentation, wired and wireless security, SIEM, and next-generation breach detection platforms.
Design, deploy, and operate Palo Alto Networks SaaS Inline Security capabilities to provide real-time inspection, threat prevention, and data protection for SaaS application traffic.
Implement and manage Palo Alto Networks AI Access Security controls to secure enterprise usage of AI-driven and generative AI platforms, including policy enforcement, data loss prevention, and visibility into AI application usage and risk.
Integrate SaaS Inline Security and AI Access Security with existing Palo Alto Networks firewall platforms, CASB, DLP, and SIEM solutions to deliver a cohesive, end-to-end security architecture.
Define and enforce security policies for SaaS and AI application access aligned with corporate risk tolerance, data protection requirements, and industry best practices.
Monitor, analyze, and respond to security events and alerts related to SaaS and AI application traffic, performing investigation, tuning, and continuous optimization of controls.
Evaluate emerging SaaS and AI security features within the Palo Alto Networks ecosystem, advising on adoption, roadmap alignment, and operationalization across the enterprise.
Lead and contribute to network security initiatives from concept and architecture through implementation, testing, and production rollout, ensuring solutions align with business and security requirements.
Perform day-to-day operational support for network security infrastructure, including monitoring, troubleshooting, break-fix remediation, ticket handling, and change management in accordance with established processes and SLAs.
Provide expert-level troubleshooting of complex network and security issues at the protocol level (TCP/UDP, IP, ARP, DNS, HTTP/S), identifying root causes and implementing sustainable corrective actions.
Design, deploy, and maintain IPSec VPN solutions, including site-to-site and remote access, with a focus on scalability, security, and operational reliability.
Administer, design, and support Palo Alto Networks firewalls in on-premises, virtualized, and cloud-based environments; perform policy optimization, threat prevention tuning, upgrades, and lifecycle management.
Support and integrate complementary security platforms such as F5 WAF and McAfee CASB, ensuring seamless interoperability within the broader cybersecurity ecosystem.
Develop and maintain detailed technical documentation, network diagrams, security standards, and operational runbooks that reflect best practices and reference architectures.
Apply security control frameworks and methodologies (e.g., NIST, Cybersecurity Kill Chain) to architecture decisions, threat modeling, and remediation strategies.
Evaluate emerging cybersecurity technologies and vendors, objectively assessing technical capabilities versus marketing claims, and recommending solutions that provide measurable value and integrate effectively with existing systems.
Collaborate closely with cross-functional teams, including IT operations, cloud engineering, application teams, and security leadership, to ensure secure-by-design network architectures.
Use scripting and automation (Python required; Perl and Java a plus) to improve operational efficiency, enhance visibility, and reduce manual effort in network security operations.
Provide technical leadership, mentorship, and oversight for assigned projects or junior team members, promoting best practices and continuous improvement.
Stay current with evolving threat landscapes, attack vectors, and next-generation security platforms, proactively adapting defenses to address new risks.
Participate in on-call rotations and provide after-hours support as required to ensure the availability, integrity, and security of critical network infrastructure.

Requirements

Bachelor's Degree or equivalent
Strong understanding of enterprise level network operations including but not limited to route, switch, segmentation and filtering technologies in traditional, virtualized and cloud environments
Proven track record of successful IT project contribution from concept to completion
6+ years of specialization in Network Security technologies including firewall, remote access and IPSec VPN
6+ years of successful network-level troubleshooting and break-fix implementations
6+ years of experience with day-to-day network support, ticketing and change management
Experience in network security solutions design, documentation and best practices
Proven experience working in engineering capacity supporting network security and capabilities such as Firewalls, Intrusion Detection and Prevention Systems, Proxies, DLP, Network Deception, micro-segmentation, Network Access Control (NAC), wired and wireless security, SIEM, Next Gen Breach Detection Systems, Cloud Access Security Brokers(CASB)
Hands on experience with Palo Alto firewalls, F5 WAF, and McAfee CASB is highly desired.
Expert-level understanding of network protocols (TCP/UDP, IP, ARP, DNS, HTTP(S), etc.)
Detailed understanding of attack vectors, current threats, and their remediation strategies
Strong time management skills planning, organizing, and leading architecture development efforts
Strong interpersonal and communications skills to build and maintain ongoing business relationships
Self-Starter that requires minimal supervision, multi-tasks effectively, and can provide oversight and coaching to others for any assigned projects or tasks.
Detailed understanding of control frameworks and reference architectures such as NIST, Cybersecurity kill chain, etc.
Able to stay on top of latest cybersecurity developments and next gen platforms
Available for on call after hours support as required

Benefits

employee stock purchase plan with a 2-year look back
family support programs to help balance work and home life
robust mental health resources to prioritize emotional well-being
recognition and service awards to celebrate contributions and milestones

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

network securityfirewallsIPSec VPNIDS/IPSDLPCASBmicro-segmentationSIEMscriptingPython

Soft Skills

time managementinterpersonal skillscommunication skillsself-startermulti-taskingleadershipmentorshiporganizational skillsproblem-solvingcollaboration

Certifications

Bachelor's Degree