Principal Consultant, Zero Trust Advisory, Proactive Services (Unit 42) Remote

Your Career

In this client-facing role the Principal Consultant will lead complex Zero Trust engagements and produce deliverables inclusive of findings recommendations best practices technical capability enhancements and strategic roadmap items. The ideal candidate thrives at the intersection of deep technical architecture and high-stakes consulting translating complex Zero Trust theory into resilient real-world deployments for our most sophisticated clients.

Your Impact

• Drive high-value billable Zero Trust transformation engagements that convert complex security challenges into resilient architectural outcomes. 

• Simultaneously deliver elite advisory services to our clients and assist in scaling Unit 42s Zero Trust practice through technical innovation and business development.

• Assess enterprise architectures to expose hidden zones of implicit trust and high-risk lateral movement paths.

• Analyze enterprise telemetry and policy logs to identify visibility gaps across identity device and network layers.

• Execute Zero Trust risk assessments grounded in best practices such as NIST SP 800-207 the CISA ZT Maturity Model and MITRE ATT&CK to quantify architectural vulnerabilities

• Devise strategic security transformation recommendations and solutions to include Unit 42 services and Palo Alto Networks technology to assist customers in reducing risks

• Design risk-based control sets that prioritize identity-centric protection and least-privilege access.

• Audit the technical integration of SASE Identity EDR/XDR and Cloud Security to ensure they function as a unified automated fabric rather than a collection of disconnected silos.

• Develop ZT Roadmaps that provide clients with a realistic phased path to retiring legacy perimeter defenses.

• Scope new opportunities with prospective clients including drafting statements of work and responding to Requests for Proposals (RFPs).

• Expand Unit 42s market influence by spearheading high-visibility initiatives from keynote speaking and industry publications to internal intellectual property development that cements our position as a leading authority on Zero Trust security.

Qualifications :

Your Experience 

• 6 years leading high-stakes cybersecurity advisory and risk management engagements for enterprise clients.

• Former professional services and consulting experience required.

• 3 years of consulting experience architecting and deploying Zero Trust SASE or Identity-centric security models for large multinational organizations.

• Strong track record in strengthening existing and developing net-new client relationships.

• Lead enterprise Zero Trust advisory engagements translating business risk into actionable architectures aligned with NIST SP 800-207 NIST NCCoE Zero Trust use cases and CISA Zero Trust Maturity Model.

• Design and deliver end-to-end Zero Trust architectures across IAM network endpoint cloud application and security operations domains for large complex enterprises.

• Perform enterprise security and architecture assessments to identify gaps dependencies and maturity levels producing clear roadmaps toward an optimized Zero Trust posture.

• Serve as a trusted advisor to C-suite executives board members and senior leadership while also engaging deeply with engineers architects and security operations teams.

• Create high-quality client-ready deliverables including reference architectures target-state designs migration roadmaps executive presentations and technical runbooks.

• Demonstrate solution architecture leadership maintaining technical vision from strategy through detailed design and implementation.

• Apply a vendor-agnostic capability-driven approach to security architecture mapping controls and outcomes before technologies.

• Possess deep hands-on expertise with Palo Alto Networks technologies including Prisma Access NGFW Cortex XDR and their role in Zero Trust and SASE architectures.

• Architect and position modern security capabilities including ZTNA NGFW SSE SASE CNAPP CSPM CIEM XDR SIEM SOAR CASB SSPM SWG IAM and DLP within enterprise transformation programs.

• Evaluate and integrate identity-centric controls such as SSO MFA device posture least privilege and continuous trust evaluation.

• Understand security architecture in hybrid and multi-cloud environments (AWS Azure GCP). 

• Lead and mentor cross-functional consulting teams driving high-quality delivery technical rigor and client satisfaction across multiple concurrent engagements.

• Communicate complex security concepts with clarity and confidence through executive briefings technical workshops and public speaking engagements.

• Understand security controls using industry frameworks and compliance (CIS NIST 800-53).

• Contribute to business growth through pre-sales support solution positioning and strengthening long-term client relationships.

• Ability to perform travel requirements as needed to meet business demands (on average 30%).

• Bachelors Degree in Information Security Computer Science Cyber Security Network Security or equivalent years of professional experience to meet job requirements and expectations.

Additional Information :

The Team

Unit 42 Consulting is Palo Alto Networks security advisory team.  Our vision is to create a more secure digital world by providing the highest quality incident response risk management and digital forensic services to clients of all sizes. Our team is composed of recognized experts and incident responders with deep technical expertise and experience in investigations data breach response digital forensics and information security. With a highly successful track record of delivering mission-critical cybersecurity solutions we are experienced in working quickly to provide an effective incident response attack readiness and remediation plans with a focus on providing long-term support to improve our clients security posture.

Compensation Disclosure

The compensation offered for this position will depend on qualifications experience and work location. For candidates who receive an offer at the posted level the starting base salary (for non-sales roles) or base salary commission target (for sales/commissioned roles) is expected to be between $151000 - $208000/YR. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found here.

Our Commitment

Were problem solvers that take risks and challenge cybersecuritys status quo. Its simple: we cant accomplish our mission without diverse teams innovating together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need please contact us at  .

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace and all qualified applicants will receive consideration for employment without regard to age ancestry color family or medical care leave gender identity or expression genetic information marital status medical condition national origin physical or mental disability political affiliation protected veteran status race religion sex (including pregnancy) sexual orientation or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.

Remote Work :

Yes

Employment Type :

Full-time