Security Architect

Project Role :

Security Architect

Project Role Description :

Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills :

Palo Alto Networks Firewalls

Good to have skills :

NA

Minimum 3 Year(s) Of Experience Is Required

Educational Qualification :

15 years full time educationSummary: We are seeking a highly skilled Senior Network Security Engineer with proven experience in enterprise-grade security technologies including Palo Alto firewalls, IDS/IPS systems, VPN, WAF (Imperva), Cequence Bot Defense, Cloudflare DNS security, and Illumio Zero Trust microsegmentation. The ideal candidate will be responsible for designing, implementing, and maintaining network security controls to protect enterprise infrastructure, applications, and data from advanced cyber threats. Roles & Responsibilities: -Configure, deploy, and maintain Palo Alto Networks firewalls, including threat prevention, URL filtering, and App-ID policies. -Manage and monitor intrusion detection and prevention systems (IDS/IPS) for threat detection and response. -Configure and maintain VPN solutions (GlobalProtect or other IPsec/SSL-based systems) for secure remote access. -Analyze logs and events for unusual activity and support incident investigations. -Automate and optimize firewall rules and network segmentation for least-privilege access. -Deploy and manage Cequence Bot Defense for API security and bot mitigation. -Analyze bot traffic patterns and implement policies to block malicious automation. -Work with DevOps and application teams to integrate Cequence with key digital assets. -Configure and monitor Cloudflare DNS security services including threat blocking, filtering, and DoS mitigation. -Implement policies for DNS-layer protection and content filtering. -Ensure availability and resiliency of DNS infrastructure through Cloudflare edge network. -Implement and administer Illumio Zero Trust Segmentation for workload isolation and application-level segmentation. -Design and enforce microsegmentation policies to restrict lateral movement and reduce attack surface. -Continuously assess traffic flows to identify over-permissive access and optimize segmentation models. -Deploy and manage Imperva WAF to protect critical web applications from OWASP Top 10 and other application-level attacks. -Tune WAF rules to reduce false positives while maintaining effective security posture. -Work with application teams to ensure secure deployment pipelines and integrate security testing. Professional & Technical Skills: - Must To Have Skills: Proficiency in Palo Alto Networks Firewalls. - Strong understanding of cloud security principles and best practices. - Experience with security compliance frameworks such as ISO 27001, NIST, or CIS. - Familiarity with identity and access management solutions. - Knowledge of incident response and threat management processes. -Collaborate with SOC, DevOps, Infrastructure, and Application Security teams to improve detection and response. -Maintain security documentation, configuration baselines, and change control records. -Assist in incident response and forensic analysis during security events. -Stay current with emerging threats and recommend appropriate security controls. -Security certifications such as PCNSE, CCNP Security, GIAC (GCFW, GCIA), CISSP, or CEH. -Experience with REST APIs, automation/scripting (Python, Ansible), and infrastructure-as-code. -Understanding of Zero Trust architecture and NIST 800-207 principles -Rxperience in cybersecurity operations, with a focus on network and perimeter security. - Hands-on experience managing enterprise firewalls, preferably Palo Alto. - Experience in Bot protection and DNS security, including tools like Cequence and Cloudflare. -Proven track record in troubleshooting complex firewall and VPN issues in large-scale environments. -Experience conducting firewall audits, rule reviews, and implementing policy enhancements. -Demonstrated ability to manage incident response and change management processes. -Experience working in a global delivery model and collaborating with cross-functional teams. -Strong analytical and problem-solving skills with a continuous improvement mindset. Additional Information: - The candidate should have minimum 3 years of experience in Palo Alto Networks Firewalls. - This position is based at our Gurugram office. - A 15 years full time education is required.