Network & Security Engineer

Essential Job Functions:

• Design, implement, operate, and support enterprise network security solutions across traditional, virtualized, and cloud environments, including routing, switching, segmentation, and traffic filtering technologies.
• Serve as a subject matter expert for network security technologies, including firewalls, remote access solutions, IPSec VPNs, IDS/IPS, web application firewalls, proxies, DLP, CASB, NAC, micro-segmentation, wired and wireless security, SIEM, and next-generation breach detection platforms.
• Operate Palo Alto Networks SaaS Inline Security capabilities to provide real-time inspection, threat prevention, and data protection for SaaS application traffic.
• Manage Palo Alto Networks AI Access Security controls to secure enterprise usage of AI-driven and generative AI platforms, including policy enforcement, data loss prevention, and visibility into AI application usage and risk.
• Operate SaaS Inline Security and AI Access Security with existing Palo Alto Networks firewall platforms, CASB, DLP, and SIEM solutions to deliver a cohesive, end-to-end security architecture.
• Define and enforce security policies for SaaS and AI application access aligned with corporate risk tolerance, data protection requirements, and industry best practices.
• Monitor, analyze, and respond to security events and alerts related to SaaS and AI application traffic, performing investigation, tuning, and continuous optimization of controls.
• Contribute to network security initiatives from concept and architecture through implementation, testing, and production rollout, ensuring solutions align with business and security requirements.
• Perform day-to-day operational support for network security infrastructure, including monitoring, troubleshooting, break-fix remediation, ticket handling, and change management in accordance with established processes and SLAs.
• Provide expert-level troubleshooting of complex network and security issues at the protocol level (TCP/UDP, IP, ARP, DNS, HTTP/S), identifying root causes and implementing sustainable corrective actions.
• Design, deploy, and maintain IPSec VPN solutions, including site-to-site and remote access, with a focus on scalability, security, and operational reliability.
• Administer, design, and support Palo Alto Networks firewalls in on-premises, virtualized, and cloud-based environments; perform policy optimization, threat prevention tuning, upgrades, and lifecycle management.
• Support and integrate complementary security platforms such as F5 WAF and CASB, ensuring seamless interoperability within the broader cybersecurity ecosystem.
• Develop and maintain detailed technical documentation, network diagrams, security standards, and operational runbooks that reflect best practices and reference architectures.
• Apply security control frameworks and methodologies (e.g., NIST, Cybersecurity Kill Chain) to architecture decisions, threat modeling, and remediation strategies.

Qualifications:

• Exp :- 5-8 years

Critical Skills

• Strong understanding of enterprise level network operations including but not limited to route, switch, segmentation and filtering technologies in traditional, virtualized and cloud environments
• Proven track record of successful IT project contribution from concept to completion
• Specialization in Network Security technologies including firewall, remote access and IPSec VPN
• Successful network-level troubleshooting and break-fix implementations
• Demonstrable experience with day-to-day network support, ticketing and change management
• Experience in network security solutions design, documentation, and best practices
• Proven experience working in engineering capacity supporting network security and capabilities such as Firewalls, Intrusion Detection and Prevention Systems, Proxies, DLP, Network Deception, micro-segmentation, Network Access Control (NAC), wired and wireless security, SIEM, Next Gen Breach Detection Systems, Cloud Access Security Brokers(CASB)
• Hands on experience with Palo Alto Networks firewalls, F5 WAF, and Palo Alto Networks CASB is highly desired.
• Expert-level understanding of network protocols (TCP/UDP, IP, ARP, DNS, HTTP(S), etc.)
• Detailed understanding of attack vectors, current threats, and their remediation strategies
• Strong time management skills planning, organizing, and leading architecture development efforts
• Strong interpersonal and communications skills to build and maintain ongoing business relationships
• Self-Starter that requires minimal supervision, multi-tasks effectively, and can provide oversight and coaching to others for any assigned projects or tasks.
• Detailed understanding of control frameworks and reference architectures such as NIST, Cybersecurity kill chain, etc.
• Able to stay on top of latest cybersecurity developments and next gen platforms
• Available for on call after hours support as required

• Demonstrable experience with IPSEC VPN design, implementation, troubleshooting
• Expert level knowledge of Palo Alto Networks firewalls, including administration, operations, design, deployment, troubleshooting
• Demonstrable experience with Palo Alto Networks firewalls in virtual and cloud environments
• Demonstrable experience with Palo Alto Networks SaaS Inline Security and AI Access Security capabilities
• Able to work with suppliers and vendors to assess a true value of cybersecurity capabilities vs what they are offering as a sales pitch and how those capabilities would apply to the company as a whole, from integrations to existing cybersecurity eco-system to their operationalization.
• Experience with various languages (perl, python required, Java) a plus