System Engineer

About the Role

We are seeking a Systems Engineer III to join our Professional Services team. In this role, you will design, deploy, and support secure and scalable network solutions for enterprise clients across the NY Metro area, working primarily within Palo Alto Networks platforms and Microsoft Azure networking environments. This is a client-facing position that also contributes to pre-sales efforts and internal knowledge development.

What You Will Do

• Design, deploy, and support secure network solutions leveraging Palo Alto Networks platforms (NGFW, Panorama, Prisma Access, SD-WAN) and Microsoft Azure networking services (VNets, NSGs, Azure Firewall, VPN Gateways, ExpressRoute).
• Configure and manage security policies, NAT rules, VPNs (IPSec/SSL), GRE tunnels, and advanced firewall features across on-premises and cloud environments.
• Architect zero trust and micro-segmentation strategies in Azure, integrating with Azure AD and enforcing role-based network access controls.
• Monitor and troubleshoot performance, connectivity, and security using Azure Monitor, Network Watcher, Azure Sentinel, and Palo Alto logging and reporting tools.
• Support cloud migrations from on-premises to Azure; provide guidance on cloud governance, security, compliance, and cost optimization.
• Engage in technical pre-sales activities including architecture sessions, solution design, demos, and proposal development.
• Document design specifications, operational runbooks, and implementation standards.
• Mentor team members and contribute to knowledge transfer on Palo Alto and Azure technologies.
• Collaborate with cross-functional teams including NOC, project teams, and clients to align solutions with business and technical requirements.

What We Are Looking For

• Minimum 4 years of hands-on experience in enterprise networking environments.
• Advanced knowledge of Palo Alto Networks platforms including NGFW configuration, Panorama, Prisma Access, and SD-WAN (CloudGenix or native PAN-OS).
• Strong proficiency with Microsoft Azure networking: VNets, NSGs, VPN Gateways, Azure Firewall, ExpressRoute, Load Balancers, Application Gateways, Azure Front Door, and Traffic Manager.
• Solid understanding of tunneling and encryption protocols: SSL/TLS, IPSec, and GRE.
• Experience with authentication technologies: MFA, RADIUS, LDAP, and Active Directory.
• Knowledge of IP routing protocols including BGP, static routing, and NAT.
• Experience with digital certificate lifecycle management and PKI integration.
• Excellent written and verbal communication skills with the ability to work independently and within cross-functional teams.

Nice to Have

• Experience with Fortinet, Check Point, Amazon AWS, Okta, or CyberArk.
• Prior experience at a VAR, systems integrator, or technology consulting firm.

Preferred Certifications

• Palo Alto Networks Certified Network Security Engineer (PCNSE)
• Palo Alto Networks System Engineer Professional (PSE) – Hardware Firewall
• Palo Alto Networks System Engineer Professional (PSE) – Software Firewall
• Microsoft Certified: Azure Network Engineer Associate (AZ-700)

Education

• Bachelor’s degree in Computer Science, Management Information Systems, or a related field, or equivalent practical experience.

Candidates that take the time to briefly describe a network security project where you designed or deployed a solution involving both on-premises firewalls and a cloud networking environment move to the top of the list.

Compensation

Competitive base salary plus utilization bonus and MBO bonus.

To apply, please submit your resume and a brief note on your Palo Alto and Azure experience.