Lead Network Security Engineer - Palo Alto

About The Position

Requirements

• Bachelor’s degree in Engineering, Computer Science, Information Technology, Information Assurance, or Networking; or an Associate’s degree with 4 or more years of Network experience; or a high school diploma with 10 or more years of Network experience.
• 10 or more years of experience in network security engineering with a focus on firewall technologies.
• 5 or more years of hands‑on experience designing, implementing, and managing Palo Alto Firewall environments.
• 3 or more years of hands‑on experience designing, implementing, and managing Cisco Firepower platforms.
• 10 or more years of experience with core networking protocols including TCP/IP, DNS, DHCP, and VPN technologies.

Nice To Haves

• PCNSE (Palo Alto Networks Certified Network Security Engineer) certification.
• CCNP Security or CCIE Security certification.
• 5 or more years of experience working with security frameworks such as the NIST Cybersecurity Framework or ISO 27001.
• Ability to participate in on‑call rotation and support security events outside standard business hours as needed.
• Familiarity with cloud‑based security solutions within AWS, Azure, or Google Cloud.
• Experience supporting firewall automation and network security tooling.
• Strong documentation and communication skills supporting technical and non‑technical stakeholders.
• Ability to lead complex technical initiatives such as platform migrations and enterprise capability rollouts.
• Designed and supported HA / cluster architectures
• Large-scale Panorama environments

Responsibilities

• Design, implement, and manage secure network security architectures for large‑scale enterprise environments.
• Develop and maintain security policies and procedures aligned to regulatory and organizational requirements.
• Provide expert‑level configuration, optimization, and operational support for Palo Alto and Cisco Firepower firewall platforms.
• Troubleshoot complex network security issues across firewall, network, and remote‑access solutions.
• Review, implement, and manage firewall rules through enterprise ticketing systems in accordance with security best practices.
• Support PCI, SOC, and similar compliance audits and security assessments.
• Partner with cross‑functional teams to integrate network security solutions into existing infrastructure.
• Support enterprise remote‑access technologies including VPN platforms.
• Lead or support major initiatives such as firewall platform migrations, enterprise VPN deployments, acquired‑site integrations, and network security automation.
• Develop and maintain documentation for network architecture, security controls, policies, and procedures.

Benefits

• Employees regularly scheduled to work 20 or more hours per week are eligible for comprehensive benefits including: Medical, Dental, Vision, Life, STD/LTD, 401(k), Paid Time Off (PTO) or Flexible Time Off (FTO), Tuition Reimbursement and Employee Stock Purchase Plan.
• Employees regularly scheduled to work less than 20 hours, Casual, Intern, and Temporary employees are only eligible to participate in the 401(k) Plan.
• Employees who are regularly scheduled to work a 7 on/7 off schedule are eligible to receive all the foregoing benefits except PTO or FTO.