Principal Network Engineer (SDN)
At Palo Alto Networks® everything starts and ends with our mission: protecting our way of life in the digital age by preventing successful cyberattacks. It’s not a small goal. It isn’t simple either, but we aren’t in this for the easy answer. As a company with a foundation in challenging the way things are done, we’re looking for innovators with a dedication to best. In return, your career will have a tangible impact – one that's working toward technology that affects every level of society.
Our mission doesn’t happen by treading softly – no, it happens by defining an industry. It means building products that haven't been thought of. It means selling products with a solutions mindset. It means supporting the infrastructure of a company that moves at an incredible speed – intentionally – to stay ahead of the world’s next cyberthreat.
This position is responsible for Palo Alto Networks’ network and security infrastructure for all enterprise, partner, and customer facing services. You will work with a team of senior level Network Engineers leading projects crafting, implementing, and maintaining our global WAN/LAN network infrastructure. Dynamic, fast-changing, and unpredictable defines our information technology team. We are looking for analytical, agile, and influential leaders who can quickly deliver meaningful results and solutions with the flexibility to accommodate evolving business needs and shifting priorities. Are you a motivated, intelligent, creative, and hardworking individual who wants to contribute and make a difference, this job is for you!
- Design, implement and provide support for all network related hardware/software
- Ensure system uptime and backup for network related equipment
- Work with the team on establishing network design principles, practices, implementations, documentation and LAN/WAN maintenance
- Conduct security assessments (with security team) and make recommendations on data/voice network (LAN, WLAN, WAN, DMZ, Internet), disaster recovery, remote access, network appliances, servers, and directory services security
- Conduct incident triage and response, including working with firewall and device logs, investigating security events, protecting forensic value of data and establishing monitoring and incident reporting and response procedures
- Work on establishing consistent metrics and collection methods for device log aggregation and review procedures
- Assist with defining the objectives of network implementations including developing and reviewing proposals and presentations
- Oversee security of hosted services and applications including security requirements and architecture, risk analysis, and periodic change reviews
- Work closely with engineering to help report issues and lead project deliverables and provide status and progress reports
- Provide comprehensive and timely support to all SOX and internal audit issues as they relate to Security Operations including analyzing data privacy requirements and implementing business process and IT controls
- BSCS or related field, MS preferred
- Knowledge and extensive experience of Python Scripting and Ansible for Network automation and analytics
- Experienced understanding of networking and routing protocols such as, TCP/IP, BGP4 (multi-homing), OSPF (multi-area), RIP, ISIS, etc.
- Working knowledge in the operation of Ethernet LAN switching protocols and standards including, VLANs, VLAN aggregation, Ether Channel, PVLANs, Spanning Tree & Rapid Spanning Tree, 802.1Q
- Extensive background in planning and crafting projects and analyzing existing network systems and procedures for efficiency and effectiveness
- Experience with Load Balancers, F5 preferred, AVI Load balancer and NGINX
- 1e, and CAT and fiber cable distribution systems.
- Expert knowledge of data center design, build-out, and standard methodologies
- Experienced in designing and implementing Business Continuity Plans and Disaster Recovery Plans and facilities
- Experience performing configuration and troubleshooting of Cisco & Arista routing/switching platforms
- Expert knowledge of firewalls technologies, including VPNs and routing
- Experience with multi-tier architectures, including standard methodologies around tier isolation (for databases, etc)
- Ability to analyze network packet traces (PCAP).
- Deep understanding of network security systems, intrusion detection systems and protocols including, ACE, ACS, VPN, GRE, IPSEC, IKE, TACACS, RADIUS, ACLs, 802.1x, audits, log files, etc.
- Advanced knowledge of DNS and DHCP and Microsoft AD infrastructure
- Strong analytical skills for interpreting business requirements and translating them into technical specifications
- Superb communication skills, including the ability to write network and security documentation, policies, and guidelines
- Experience with automation/scripting/coding will be helpful
- Ability to work nights and weekends and provide 24/7 on-call support
- Well-versed in commercial InfoSec requirements, mentorship and standards
- Preferred certifications CCIE, CCSP, CCDP,
- Additional certifications desired CISSP, CISM, CISA, SANS, ISO17799 preferred but not required
Working at a high-tech cybersecurity company within Information Technology is a once in a lifetime opportunity. You’ll be joined with the brightest minds in technology, creating, building, and supporting tools and that enable our global teams on the front line of defense against cyberattacks. We’re joined by one mission – but driven by the impact of that mission and what it means to protect our way of life in the digital age. Join a dynamic and fast-paced team that feels excitement at the prospect of a challenge and feels a thrill at resolving technical gaps that inhibit productivity.
We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together. To learn more about our dedication to inclusion and innovation, visit our Life at Palo Alto Networks page and our diversity website.
Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.
Additionally, we are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or an accommodation due to a disability or special need, please contact us at email@example.com.
Meet Some of Palo Alto Networks's Employees
Jacqueline T.Senior Technical Support Engineer, Team Lead, Endpoint Security
Jaqueline and her team assist customers who call in with technical questions or issues in order to ensure excellent user experiences and complete platform security.
Back to top