Palo Alto Network Security Engineer
Network Security Engineer (Palo Alto) – Tier II
About the Role
We are seeking an experienced Tier II Network Security Engineer to support and manage our enterprise network security infrastructure, with a primary focus on Palo Alto Networks Next-Generation Firewalls (NGFW).
In this role, you will be responsible for firewall administration, security policy management, routing and switching support, vulnerability management, and incident resolution across large-scale enterprise environments. You will work closely with Network Operations, Security Operations, and Infrastructure teams to maintain a secure, highly available, and high-performing network.
Key Responsibilities
Firewall Administration- Deploy, configure, and maintain Palo Alto Networks NGFW appliances.
- Administer Panorama for centralized firewall management.
- Configure and maintain security policies, NAT, application control, URL filtering, WildFire, and Threat Prevention.
- Manage IPsec and SSL VPN connectivity for remote users and site-to-site communications.
- Perform firewall upgrades, configuration backups, and software maintenance.
- Troubleshoot firewall, routing, switching, and connectivity issues.
- Configure and support routing protocols including BGP, OSPF, and EIGRP.
- Support hybrid network environments across on-premises and cloud platforms.
- Assist in planning, implementing, and validating network security changes.
- Analyze network traffic using Wireshark and packet capture tools.
- Monitor security events using Splunk, Syslog, and enterprise monitoring platforms.
- Investigate and resolve security incidents, outages, and performance issues.
- Participate in major incident response and root cause analysis activities.
- Identify, assess, and remediate firewall and network security vulnerabilities.
- Support change management processes using ServiceNow.
- Maintain accurate technical documentation, network diagrams, and firewall standards.
- Ensure compliance with security policies and regulatory requirements.
- Work closely with Security Operations, Infrastructure, Cloud, and Network Engineering teams.
- Provide technical guidance and support during projects and infrastructure deployments.
- Participate in on-call support and planned maintenance activities.
Required Skills & Experience
Palo Alto Networks- Hands-on experience administering Palo Alto Networks Next-Generation Firewalls (NGFW).
- Strong knowledge of:
- Panorama
- Security Policies
- NAT
- IPsec VPN
- SSL VPN
- WildFire
- Threat Prevention
- Application Control
- Advanced understanding of:
- TCP/IP
- Routing & Switching
- VLANs
- Network segmentation
- Experience with:
- BGP
- OSPF
- EIGRP
Security & Monitoring Tools
Experience with one or more of the following:
- Wireshark
- Splunk
- Syslog
- ServiceNow
- Netcool
- SevOne
Cisco Technologies
Experience supporting or migrating:
- Cisco ASA
- Cisco Firepower
- Cisco VPN technologies
Cloud Networking
Experience securing or supporting cloud environments including:
- Microsoft Azure
- Amazon Web Services (AWS)
- Google Cloud Platform (GCP)
Qualifications
Required- Palo Alto Networks Certified Network Security Engineer (PCNSE) or PCNSA Certification.
- Bachelor's degree in Computer Science, Information Technology, or equivalent practical experience.
- 5–7 years of hands-on experience supporting enterprise firewall and network security environments.
- CCNA or CCNP Security certification.
- Experience supporting large enterprise or managed services environments.
- Experience with vulnerability management and remediation.
- Familiarity with ITIL processes including Incident, Change, and Problem Management.
- Strong analytical and troubleshooting skills.
- Excellent communication and stakeholder management abilities.
- Experience working in fast-paced enterprise environments.
- Ability to prioritize multiple incidents and projects simultaneously.
- Commitment to continuous learning and staying current with evolving cybersecurity technologies.
- Hybrid work arrangement with on-site and remote flexibility.
- Participation in an on-call rotation, including weekends when required.
- Occasional travel for deployments, training, or project activities.
- Opportunity to work with enterprise-scale security infrastructure alongside experienced Network, Infrastructure, and Security teams.