Exposure Management & Attack Path Analysis Specialist

Position Overview

We are seeking a highly skilled Network Security Engineer with expertise in Palo Alto firewall administration, Panorama centralized management, Prisma SD-WAN, and Web Application Firewall (WAF) solutions to join our global security team. This role will be responsible for designing, implementing, and maintaining secure, resilient, and optimized network and application security infrastructures across on-premises, cloud, and SD-WAN environments. The engineer will play a critical role in protecting enterprise infrastructure, applications, and data against evolving cyber threats while ensuring compliance with industry standards and regulatory requirements.

Key Responsibilities

Firewall & Network Security

• Administer, configure, and maintain Palo Alto firewalls across global environments using Panorama for centralized policy and configuration management.




• Design and implement firewall policies, NAT rules, VPNs, and security profiles to enforce enterprise security standards.




• Conduct firewall audits, rule base reviews, and risk assessments to ensure secure and efficient configurations.




• Monitor and analyze firewall logs, s, and incidents in collaboration with SOC teams; provide timely remediation.

Prisma SD-WAN Management

• Deploy, configure, and manage Palo Alto Prisma SD-WAN infrastructure to ensure secure, optimized, and reliable connectivity across global sites.




• Implement traffic steering, QoS policies, and application-aware routing for performance and security.




• Monitor SD-WAN health, troubleshoot connectivity issues, and optimize network performance.




• Integrate Prisma SD-WAN with cloud security services and enforce Zero Trust principles.

Web Application Firewall (WAF) Management

• Deploy, configure, and maintain Web Application Firewalls (WAF) to protect web applications from OWASP Top 10 threats, DDoS, and advanced attacks.




• Implement custom WAF rules and policies for application-specific security requirements.




• Monitor WAF logs and s, investigate anomalies, and coordinate remediation with application teams.




• Integrate WAF solutions with SIEM/SOAR platforms for centralized monitoring and automated response.

Network Architecture & Integration

• Support secure network design and architecture reviews for global projects, mergers, and technology deployments.




• Collaborate with IT, Cloud, and Application teams to ensure seamless and secure connectivity across hybrid environments.




• Assist with incident response by providing network and application security expertise during investigations and post-incident reviews.

Automation & Documentation

• Develop and maintain automation scripts (Python, Ansible, Terraform) for firewall, SD-WAN, and WAF operations.




• Maintain comprehensive documentation of firewall policies, SD-WAN configurations, and WAF rules.

Compliance & Governance

• Ensure compliance with corporate security policies, regulatory requirements, and industry best practices (ISO 27001, SOC 2, NIST).




• Participate in an on-call rotation to support 24/7 global operations.

Qualifications & Skills

Required:

• Bachelor s degree in Computer Science, Information Security, or related field (or equivalent experience).




• 5+ years of experience in network security engineering with strong hands-on expertise in Palo Alto Networks firewalls (PAN-OS, Panorama).




• Experience managing Prisma SD-WAN deployments and policies.




• Hands-on experience with Web Application Firewalls (WAF) and application-layer security.




• Solid understanding of TCP/IP, routing, switching, DNS, VPNs, and network segmentation.




• Familiarity with SIEM, IDS/IPS, and network monitoring tools.




• Strong troubleshooting and analytical skills with ability to work under pressure.




• Excellent communication skills for working in a distributed, multicultural global team.

Preferred:

• Palo Alto certifications (PCNSE, PCNSA).




• Experience with cloud security (Azure, AWS) and firewall/WAF integration in cloud environments.




• Knowledge of automation and scripting (Python, Ansible, Terraform) for firewall, SD-WAN, and WAF operations.




• Exposure to Zero Trust architecture and secure access frameworks.