Senior / Staff Network Automation Engineer
At Palo Alto Networks® everything starts and ends with our mission:
Being the cybersecurity partner of choice, protecting our digital way of life.
We have the vision of a world where each day is safer and more secure than the one before. These aren’t easy goals to accomplish – but we’re not here for easy. We’re here for better. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are.
This position is responsible for Palo Alto Networks’ network and security infrastructure for all enterprise, partner, and customer-facing services. You will work with a team of senior-level Network Engineers leading projects crafting, implementing, and maintaining our global WAN/LAN network infrastructure. Dynamic, fast-changing and unpredictable defines our information technology team. We are looking for analytical, agile, and influential leaders who can quickly deliver meaningful results and solutions with the flexibility to accommodate evolving business needs and shifting priorities. Are you a motivated, intelligent, creative, and hardworking individual who wants to contribute and make a difference, this job is for you!
- Design, implement and provide support for all network-related hardware/software
- Ensure system uptime and backup for network-related equipment
- Work with the team on establishing network design principles, practices, implementations, documentation and LAN/WAN maintenance
- Conduct security assessments (with security team) and make recommendations on data/voice network (LAN, WLAN, WAN, DMZ, Internet), disaster recovery, remote access, network appliances, servers, and directory services security
- Conduct incident triage and response, including working with firewall and device logs, investigating security events, protecting the forensic value of data and establishing monitoring and incident reporting and response procedures
- Work on establishing consistent metrics and collection methods for device log aggregation and review procedures
- Assist with defining the objectives of network implementations including developing and reviewing proposals and presentations
- Oversee security of hosted services and applications including security requirements and architecture, risk analysis, and periodic change reviews
- Work closely with engineering to help report issues and lead project deliverables and provide status and progress reports
- Provide comprehensive and timely support to all SOX and internal audit issues as they relate to Security Operations including analyzing data privacy requirements and implementing business process and IT controls
- BSCS or related field, MS preferred
- Knowledge and experience of Python Scripting and Ansible for Network automation and analytics
- Experienced understanding of networking and routing protocols such as TCP/IP, BGP4 (multi-homing), OSPF (multi-area), RIP, ISIS, etc.
- Working knowledge in the operation of Ethernet LAN switching protocols and standards including, VLANs, VLAN aggregation, Ether Channel, PVLANs, Spanning Tree & Rapid Spanning Tree, 802.1Q
- Extensive background in planning and crafting projects and analyzing existing network systems and procedures for efficiency and effectiveness
- Experience with Load Balancers, F5 preferred, AVI Load balancer and NGINX
- 1e, and CAT and fiber cable distribution systems.
- Expert knowledge of data center design, build-out, and standard methodologies
- Experienced in designing and implementing Business Continuity Plans and Disaster Recovery Plans and facilities
- Experience performing configuration and troubleshooting of Cisco & Arista routing/switching platforms
- Expert knowledge of firewalls technologies, including VPNs and routing
- Experience with multi-tier architectures, including standard methodologies around tier isolation (for databases, etc)
- Ability to analyze network packet traces (PCAP).
- Deep understanding of network security systems, intrusion detection systems and protocols including, ACE, ACS, VPN, GRE, IPSEC, IKE, TACACS, RADIUS, ACLs, 802.1x, audits, log files, etc.
- Advanced knowledge of DNS and DHCP and Microsoft AD infrastructure
- Strong analytical skills for interpreting business requirements and translating them into technical specifications
- Superb communication skills, including the ability to write network and security documentation, policies, and guidelines
- Experience with automation/scripting/coding will be helpful
- Ability to work nights and weekends and provide 24/7 on-call support
- Well-versed in commercial InfoSec requirements, mentorship, and standards
- Preferred certifications CCIE, CCSP, CCDP,
- Additional certifications desired CISSP, CISM, CISA, SANS, ISO17799 preferred but not required
Working at a high-tech cybersecurity company within Information Technology is a once in a lifetime opportunity. You’ll be joined with the brightest minds in technology, creating, building, and supporting tools and that enable our global teams on the front line of defense against cyberattacks. We’re joined by one mission – but driven by the impact of that mission and what it means to protect our way of life in the digital age. Join a dynamic and fast-paced team that feels excitement at the prospect of a challenge and feels a thrill at resolving technical gaps that inhibit productivity.
We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.
We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at firstname.lastname@example.org.
Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.