Senior Enterprise Security Engineer – Infosec

Company: Palo Alto Networks
Location: Santa Clara, CA, USA
Salary: Not Provided
Type: Full-Time
Experience Level: Senior

Requirements

  • 4-7 years of hands-on experience with network and infrastructure security technologies.
  • 2+ years of experience with firewall technologies, including deep expertise with Palo Alto Networks Next-Generation Firewalls (NGFW) and security rule evaluation.
  • 2+ years of experience managing and securing cloud environments across AWS, GCP, and Microsoft Azure, with knowledge of native security tools and multi-cloud architectures.
  • Proven ability to design, build, and maintain scalable cloud infrastructure and secure cloud-native applications, leveraging infrastructure-as-code (IaC) principles.
  • Experience working with public sector systems, setting up and maintaining security controls to meet government standards like FedRAMP.
  • Strong working knowledge of IP networking, including routing, switching, VPNs, DNS, NAT, load balancing, and wireless for both on-prem and cloud environments.
  • Proficient in virtualization platforms such as VMware, with experience securing virtualized and hybrid workloads.
  • Experience working with REST APIs, automation scripting using Python or Go, and integration of security workflows into infrastructure tools.
  • Ability to evaluate and optimize firewall rules and access control policies across complex environments, aligning with Zero Trust and least privilege models.
  • Solid foundation in certificate management and PKI, including experience issuing and renewing certificates, managing key lifecycles, and enforcing secure communication using TLS and mutual authentication.
  • Strong experience with OS-level security hardening and configuration management across Linux (RHEL, Ubuntu) and Windows Server, including patching, log monitoring, enforcing CIS/NIST baselines, and secure user access controls.
  • Proficient in managing and securing Microsoft Active Directory (AD) environments, including Group Policy, LDAP integrations, role-based access control (RBAC), and identity federation for hybrid cloud architectures.
  • Self-motivated, strong troubleshooting skills, and capable of working independently in fast-paced environments with minimal supervision.
  • Strong communication skills with the ability to collaborate effectively with cross-functional teams, including network operations, cloud infrastructure, IAM, and compliance.

Responsibilities

  • Provide advanced operations and engineering support for critical systems and services, including application and security infrastructure on-prem and in the cloud.
  • Assess and review the security and cloud infrastructure in both IT and production environments.
  • Coordinate with various teams to ensure appliances and services are configured with the correct posture to support business requirements.
  • In-depth knowledge of designing and implementing a Zero Trust Network Architecture, including network and identity segmentation.
  • Continuous monitoring and improvement of IT support practices to enhance scalability, reliability, and performance in the product infrastructure.
  • Assist in maintaining strong oversight of cloud computing solutions to safeguard against undue risks from third-party or external integrations.
  • Develop automation using SOAR tools to streamline repetitive tasks and improve the overall efficiency of the security team.
  • Collaborate with teams outside the Security Fusion Center, including Vulnerability Management, Network Engineering, OS Engineering, and product SRE.
  • Prioritize and respond to critical vulnerabilities and data exposures with urgency and effective risk mitigation strategies.
  • Develop and maintain security baselines for infrastructure components (e.g., VMs, containers, network devices) in alignment with CIS Benchmarks, NIST, and internal standards.
  • Support incident response activities, including containment, forensic investigation, root cause analysis, and post-incident documentation.
  • Perform regular policy and firewall rule reviews to ensure alignment with access requirements and enforcement of Zero Trust principles.
  • Contribute to governance, risk, and compliance (GRC) efforts, including audit participation, third-party risk assessments, and evidence collection for SOC 2, ISO 27001, or FedRAMP certifications.

Preferred Qualifications

  • CISSP, AWS, GCP certifications preferred.
  • PCNSE certification is a plus.