Network Security Engineer, Firewall & Security Architecture (Palo Alto Focus)

We are seeking an experienced Network Security Engineer with strong expertise in enterprise firewall architecture and security engineering, particularly within Palo Alto Networks environments, to support the design, implementation, optimization, and governance of critical network security initiatives across complex infrastructure landscapes.

The role focuses on enhancing firewall policy structures, improving compliance posture, supporting cloud security integrations, and advising strategic infrastructure transformation projects, including data center redesign and segmentation initiatives.

The successful candidate combines deep technical firewall expertise with strong consulting capability, ensuring secure, scalable, and operationally efficient network security solutions aligned with business and regulatory requirements.

Key Responsibilities

Firewall Architecture & Policy Engineering

• Design, optimize, and maintain Palo Alto device group policy structures across enterprise firewall environments.
• Define scalable policy frameworks to support global segmentation, operational consistency, and governance standards.
• Lead the review and rationalization of firewall rule bases to improve maintainability and reduce risk exposure.
• Drive Firewall Rule Automation 2.0 initiatives, enabling increased automation, standardization, and lifecycle governance of security policies.

Compliance & Security Governance

• Perform detailed compliance reviews of firewall configurations and security policies against internal standards and regulatory requirements.
• Identify remediation actions and implement corrective measures to close compliance gaps.
• Support audit preparation and documentation related to network security controls.

Cloud Security & Security Service Integration

• Configure, support, and optimize CASB (Cloud Access Security Broker) solutions within the broader enterprise security architecture.
• Set up and maintain AIRs (Automated Incident Response / related security service components) to strengthen operational security capabilities.
• Ensure proper integration of cloud security controls with network perimeter security.

Infrastructure Security Projects

• Deliver security engineering support for additional Cyber and Infrastructure Security (CIS) project initiatives.
• Lead or contribute to DEV zone segregation projects, ensuring secure network segmentation between development, production, and sensitive environments.
• Provide technical security consulting for infrastructure transformation projects.

Strategic Consulting & Design Advisory

• Advise project teams on network security architecture during infrastructure change initiatives.
• Consult on the redesign of data center network architecture, including:
• Security zoning concepts
• Traffic flow control
• High availability design
• Active / Passive firewall cluster strategies

• Support design and validation of Active / Passive DC firewall cluster architectures for resilience and operational continuity.

Requirements:
Required Qualifications

• Strong hands-on experience with Palo Alto Networks firewalls in enterprise environments.
• Deep knowledge of firewall policy design, device groups, templates, and rule lifecycle management.
• Proven experience in firewall compliance review and remediation.
• Solid understanding of network segmentation, high availability, and data center security architecture.
• Experience with CASB platforms and cloud security controls.
• Familiarity with security automation concepts and firewall rule orchestration.
• Strong understanding of enterprise networking principles including routing, switching, NAT, VPN, and traffic inspection.
• Ability to work independently in project-based and consulting-oriented environments.

Preferred Qualifications

• Palo Alto certifications (PCNSE or equivalent).
• Experience in complex hybrid infrastructure environments.
• Exposure to regulated enterprise environments with strong governance requirements.
• Knowledge of data center transformation and zero trust architecture principles.

Core Competencies

• Analytical and structured problem solving
• Strong stakeholder communication
• Consulting mindset
• High ownership and delivery orientation
• Ability to translate security requirements into scalable technical solutions