Principal Network Engineer
Palo Alto Networks® is the fastest-growing security company in history. We foster a culture of innovation, authenticity, and collaboration. This focus helps to advance our mission of protecting our way of life in the digital age. Our people make this possible. It’s in our everyday interactions, how we work together and treat each other, that sets Palo Alto Networks apart from other organizations. If you are a motivated, intelligent, creative, and hardworking individual, then this job is for you!
Palo Alto Networks™ is a revolutionary and dynamic company creating next generation network security products. If you are a motivated, intelligent, creative, and hardworking individual who wants to contribute and make a difference, this job is for you!
Fast-paced, fast-changing and unpredictable defines our information technology team. We are looking for analytical, agile, and influential leaders who can quickly deliver meaningful results and solutions with the flexibility to accommodate evolving business needs and shifting priorities.
This position is responsible for Palo Alto Networks’ (PANW) network and security infrastructure for all enterprise, partner, and customer facing services. A successful candidate for this role will have strong Technical and organization skills. You will work with a team of senior level Network Engineers leading projects designing, implementing, and maintaining PANWs global WAN/LAN network infrastructure.
- Design, implement and provide support for all network related hardware/software.
- Ensure system uptime and backup for network related equipment.
- Work with the team on establishing network design principles, practices, implementations, documentation and LAN/WAN maintenance
- Conduct security assessments (with security team) and make recommendations on data/voice network (LAN/WLAN/WAN/DMZ/Internet), disaster recovery, remote access, network appliances, servers, and directory services security
- Conduct incident triage and response, including working with firewall and device logs, investigating security events, protecting forensic value of data and establishing monitoring and incident reporting and response procedures.
- Work on establishing consistent metrics and collection methods for device log aggregation and review procedures
- Assist with defining the objectives of network implementations including developing and reviewing proposals and presentations
- Oversee security of hosted services and applications including security requirements and architecture, risk analysis, and periodic change reviews
- Work closely with engineering to help report issues and manage project deliverables and provide status and progress reports
- Provide comprehensive and timely support to all SOX and internal audit issues as they relate to Security Operations including analyzing data privacy requirements and implementing business process and IT controls
- Must have knowledge and extensive experience of Python Scripting and Ansible for Network automation and analytics
- Expert knowledge of networking and routing protocols such as, TCP/IP, BGP4 (multi-homing), OSPF (multi-area), RIP, ISIS, etc.
- Expert working knowledge in the operation of Ethernet LAN switching protocols and standards including, VLANs, VLAN aggregation, Ether Channel, PVLANs, Spanning Tree & Rapid Spanning Tree, 802.1Q
- Extensive background in planning and designing projects and analyzing existing network systems and procedures for efficiency and effectiveness
- Experience with Load Balancers, F5 preferred, Avi Loadbalancer and Nginx
- 1e, and CAT and fiber cable distribution systems.
- Expert knowledge of data center design, build-out, and best practices
- Experienced in designing and implementing Business Continuity Plans and Disaster Recovery Plans and facilities
- Experience performing configuration and troubleshooting of Cisco & Arista routing/switching platforms
- Expert knowledge of firewalls technologies (PANW preferred), including VPNs and routing
- Experience with multi-tier architectures, including best practices around tier isolation (for databases, etc)
- Ability to analyze network packet traces (PCAP).
- Extensive knowledge of network security systems, intrusion detection systems and protocols including, ACE, ACS, VPN, GRE, IPSEC, IKE, TACACS, RADIUS, ACLs, 802.1x, audits, log files etc.
- Advanced knowledge of DNS and DHCP and Microsoft AD infrastructure.
- Extensive knowledge of network security systems, IDS’ and protocols including, ACE, ACS, VPN, GRE, IPSEC, IKE, TACACS, RADIUS, ACLs, 802.1x, audits, log files
- Strong analytical skills for interpreting business requirements and translating them into technical specifications
- Excellent communication skills, including the ability to write network and security documentation, policies, and guidelines
- Experience with automation/scripting/coding will be a big plus
- Ability to work nights and weekends and provide 24/7 on-call support
- Well-versed in commercial InfoSec requirements, guidance and standards
- CCIE, CCSP, CCDP, preferred
- CISSP, CISM, CISA, SANS, ISO17799 preferred but not required.
BSCS or related field, MS preferred
We are the global cybersecurity leader, known for always challenging the security status quo. Our mission is to protect our way of life in the digital age by preventing successful cyberattacks. This has given us the privilege of safely enabling tens of thousands of organizations and their customers. Our pioneering Security Operating Platform emboldens their digital transformation with continuous innovation that seizes the latest breakthroughs in security, automation, and analytics. By delivering a true platform and empowering a growing ecosystem of change-makers like us, we provide highly effective and innovative cybersecurity across clouds, networks, and mobile devices.
Our Security Operating Platform is built for automation. It is easy to operate, with capabilities that work together, so customers can prevent successful cyberattacks. They can use analytics to automate routine tasks, so they can focus on what matters. We are known for continuously delivering innovations; and with Application Framework, we extend that to an open ecosystem of developers that benefit from our customers’ existing investment in data, sensors, and enforcement points.
Back to top