Sr Network Security Engineer

Job Summary

We are seeking a Senior Network Security Engineer to lead the design, implementation, and maintenance of our enterprise Network Security infrastructure, with a heavy operational focus on Palo Alto Networks ecosystems and Zero Trust architectures. The successful candidate will play a pivotal role in advancing our modern hybrid environment, ensuring robust protection, secure access, and aggressive threat mitigation.

Key Responsibilities

• Lead the design, implementation, and maintenance of network security solutions with a primary focus on Palo Alto firewalls (local and cloud appliances).
• Configure, manage, and troubleshoot Palo Alto firewalls using Panorama and Strata Cloud Manager, including advanced threat prevention capabilities (e.g., Enterprise DLP, Wildfire, URL Filtering, Global Protect VPN).
• Architect and deploy cloud implementations of Palo Alto technologies, specifically implementing Next-Generation Firewalls (NGFW) within Azure Landing Zones to secure cloud and hybrid workloads.
• Design and implement Zero Trust network architectures, utilizing advanced network micro-segmentation strategies and tools to enforce strict access controls and significantly reduce lateral movement risk across the enterprise.
• Administer Cloudflare and Cisco Umbrella for secure edge access, DNS filtering, DDoS mitigation, WAF, API protections, and web proxy.
• Manage and maintain Public PKI certificate lifecycles to ensure secure encrypted communications and strong authentication.
• Lead vulnerability remediation efforts related to the network infrastructure and ensure timely closure.
• Participate in active incident response efforts involving network and perimeter security incidents.
• Participate in 24x7 support on-call rotation.
  
  

Qualifications & Skills

• 10-12 years of experience in enterprise network security engineering roles, with significant project leadership experience and prioritization and direction of contractors and junior staff.
• Bachelor’s degree in computer science, or related field.
• Deep proficiency and hands-on experience in Palo Alto Networks firewall configuration, troubleshooting, and advanced security features (Panorama, Strata, DLP, Global Protect).
• Proven experience with cloud security implementations, including the deployment and management of NGFW within Azure Landing Zones.
• Strong hands-on experience designing and deploying network micro-segmentation and Zero Trust frameworks.
• Solid foundational understanding of core network routing and switching technologies, including BGP, OSPF, and standard network protocols, to ensure seamless integration of security appliances within the broader network.
• Proven track record of independently leading and successfully delivering complex security infrastructure projects from conception to completion.
• Advanced troubleshooting and diagnostic skills for complex security issues across multi-vendor hybrid environments.
• Flexibility for after hours planned maintenance and emergency support. Scheduled will require occasional after hours planned maintenance and emeryency escalation support work including nights and weekend time.
• Excellent leadership and communication skills, with the ability to work effectively across IT, security, and business units.
• Be a self-starter and demonstrate a proactive mindset, and ability to work with minimal supervision.
• Display skills and be able to utilize network monitoring and reporting platforms, including (or similar to) specifically SolarWinds Network Performance Monitor (NPM) and NetFlow Traffic Analyzer (NTA), to analyze traffic patterns and identify potential security anomalies.
• Experience working in enterprise environments with distributed teams. Collaborative mindset with a focus on continuous improvement
• Ability to work under pressure and manage multiple priorities, displaying a high level of accountability and ownership
• Demonstrate an energetic “can-do” attitude, with an ability to bring issues to completion.
• PCNSE (Palo Alto Networks Certified Network Security Engineer) certification is required.
• Experience with Cloudflare, Cisco Umbrella, and Public PKI administration is desirable.
• Experience with Automation and infrastructure-as-code (e.g., Ansible, Python, Terraform) is desirable.
  
  

Posted Salary Range

USD $76,000.00 - USD $101,000.00 /Yr.