Network Security Engineer

Who We Are

Applied Materials is a global leader in materials engineering solutions used to produce virtually every new chip and advanced display in the world. We design build and service cutting-edge equipment that helps our customers manufacture display and semiconductor chips the brains of devices we use every day. As the foundation of the global electronics industry Applied enables the exciting technologies that literally connect our world like AI and IoT. If you want to push the boundaries of materials science and engineering to create next generation technology join us to deliver material innovation that changes the world.

What We Offer

Location:

Youll benefit from a supportive work culture that encourages you to learn develop and grow your career as you take on challenges and drive innovative solutions for our customers. We empower our team to push the boundaries of what is possiblewhile learning every day in a supportive leading global company. Visit our Careers website to learn more.

At Applied Materials we care about the health and wellbeing of our employees. Were committed to providing programs and support that encourage personal and professional growth and care for you at work at home or wherever you may go. Learn more about our benefits.

Summary

We are seeking a highly skilled Network Security Engineer to design implement and operate enterprise security solutions across Zero Trust access cloud security/SSE and next-generation firewall platforms. This role will lead engineering deployments and operations for Akamai Enterprise Application Access (EAA) Zscaler (ZIA/ZPA/ZDX as applicable) and Palo Alto Networks firewalls (PAN-OS) ensuring secure connectivity consistent policy enforcement and high availability across global environments.

Job Description

Applieds IT organization has a long reputation of being a great place to work. The IT team has been recognized as one of Computerworlds 100 Best Places to Work in addition numerous Applied IT leaders have been honored as a CIO Magazines Ones to Watch or Computerworld Premier 100 IT leaders.

The Senior Network Security Engineer / Solutions Architect is responsible for endtoend ownership of enterprise network and web security platforms spanning Zero Trust access Secure Service Edge (SSE) Web Application & DDoS protection Network Detection & Response (NDR) and NextGeneration Firewalls.

This role combines handson technical execution with architectural leadership and financial accountability. The individual will act as a platform ownerdriving design decisions ensuring operational stability leading threat response and managing vendor and cost governance for critical security services including Akamai (EAA WAF DDoS) Zscaler Palo Alto Networks and NDR platforms.

The position requires close collaboration with SOC Network Cloud IAM Application and Finance teams to ensure security controls are effective scalable and aligned with business priorities. The role also serves as a Tier3 escalation point during major incidents and provides strategic input into roadmap planning tool rationalization and security investment decisions.

This is a highimpact seniorlevel role ideal for a security professional who can operate at both technical depth and enterprise scale balancing risk reduction operational excellence and cost efficiency.

Core Competencies:

• Zero Trust Architecture & Secure Access
  Strong understanding of Zero Trust principles identityaware access least privilege and secure private application connectivity across hybrid environments.
• Web Application & DDoS Security
  Expertise in protecting internetfacing applications against OWASP Top 10 risks bot attacks and volumetric/applicationlayer DDoS threats while maintaining performance and availability.
• Network Defense & Threat Detection (NDR)
  Deep knowledge of network telemetry behavioral analytics eastwest traffic visibility and threat hunting using Network Detection & Response platforms.
• Enterprise Firewall & Segmentation Design
  Proven ability to design implement and govern segmentation and policy controls using nextgeneration firewalls (PaloAlto & FortiGate) aligned to NIST and Zero Trust standards.
• Incident Response & Security Operations
  Strong troubleshooting and incidenthandling skills across web attacks DDoS events access outages firewall issues and advanced networkbased threats.
• Platform Ownership & Operational Excellence
  Ability to operate security platforms at scale with defined KPIs runbooks escalation models and hypercare support during major changes.
• Financial & Vendor Management
  Demonstrated experience managing security platform costs license consumption renewals and vendor evaluations to maximize ROI and control spend.
• CrossFunctional Leadership & Communication
  Comfortable partnering with SOC Network Cloud IAM Application and Finance teams and communicating technical and financial tradeoffs to leadership.

Job Responsibilities

Akamai Zero Trust Web & Edge Security

• Design deploy and operate Akamai EAA for secure private application access across onprem cloud and hybrid environments.
• Implement and manage Akamai WAF protections including custom rules rate limiting bot management and OWASP Top 10 mitigation.
• Architect and support Akamai DDoS protection (L3L7) for internetfacing applications including event response and postincident analysis.
• Tune security policies to balance protection with application performance and user experience.
• Partner with application and platform teams to onboard new apps domains certificates and security profiles.

Zscaler SSE / Secure Web & Private Access

• Implement and operate Zscaler ZIA/ZPA (and related modules as in scope).
• Define and maintain security policies for secure web access private application access and traffic forwarding.
• Manage GRE/IPsec tunnels agent deployments PAC files and identity-based policy enforcement.
• Support incident investigations related to web threats access failures or performance degradation.

Palo Alto Networks NextGeneration Firewalls

• Engineer operate and maintain Palo Alto NGFWs (PANOS) including HA architectures.
• Maintain orchestration platforms such as Strata Manager and Panorama
• Implement zonebased segmentation NAT routing and threat prevention profiles.
• Lead firewall policy lifecycle management: design review recertification and cleanup aligned with NIST/Zero Trust principles.
• Support perimeter data center and internal segmentation firewall use cases.

Network Detection & Response (NDR)

• Serve as technical owner for Network Detection & Response (NDR) capabilities (onprem cloud and hybrid visibility).
• Tune detections reduce false positives and improve signal quality in partnership with SOC teams.
• Lead investigations for lateral movement commandandcontrol anomalous traffic and advanced threats.
• Provide architectural guidance on encrypted traffic visibility eastwest monitoring and cloud traffic inspection.

Threat Response Operations & Governance

• Serve as escalation point for web attacks DDoS events access outages and firewall incidents.
• Integrate platforms with SIEM/SOC IAM (Entra ID/Ping Identity) PKI and ITSM workflows.
• Develop operational runbooks dashboards and alerting for Tier2/Tier3 readiness.
• Drive POCs production rollouts and hypercare monitoring for new security capabilities.

Financial Ownership & Vendor Governance

• Own platform financials for Akamai Zscaler Palo Alto and NDR tools including:
  • License modeling and consumption tracking
  • Cost optimization and rightsizing
  • Renewal planning and budget forecasting
• Partner with Finance and Procurement on renewals trueups and vendor negotiations.
• Evaluate ROI and efficiency of security investments; provide datadriven recommendations for consolidation or expansion.
• Support POCs and vendor evaluations including technical and financial comparison inputs.

Education and Experience

710 years in network and security engineering / architecture roles.

Handson experience with:

• Zscaler ZIA/ZPA
• Akamai EAA WAF & DDoS
• Palo Alto Networks NGFW (PANOS) & Fortinet
• Network Detection & Response (NDR) platforms

Strong understanding of:

• Web security DDoS attack vectors OWASP Top 10
• Network telemetry threat detection traffic analysis
• Zero Trust segmentation identityaware access

Proven troubleshooting skills across multivendor multilayer security stacks

Preferred Qualifications

• Certifications: PCNSE Akamai Zscaler CISSP or equivalent.
• Experience with SIEM/SOAR integrations and SOC operations.
• Automation or scripting experience (Python APIs Terraform/Ansible).
• Cloud security and hybrid connectivity experience (Azure/AWS/GCP).
• Experience presenting financial and risk tradeoffs to leadership.

Additional Information

Time Type:

Employee Type:

Travel:

Relocation Eligible:

Applied Materials is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race color national origin citizenship ancestry religion creed sex sexual orientation gender identity age disability veteran or military status or any other basis prohibited by law.