Job Title: Palo Alto Firewall Architect
Location: San Clara CA (Onsite)
Primary Skill: Palo Alto Networks PAN-OS security policies, NAT, VPN (IPSec/SSL), VLAN
Job Description
Operational Support & Troubleshooting
- Provide L3-level support for Palo Alto firewalls including incident response and change management.
- Perform advanced configuration, rule base management, and policy optimization.
- Monitor firewall health, performance, and logs; proactively identify and resolve issues.
- Conduct root cause analysis for recurring or complex firewall/network problems.
- Manage upgrades, patches, and firmware updates for Palo Alto devices.
- Collaborate with SOC and IT teams to analyze and respond to security incidents.
- Mentor and guide L1/L2 support teams.
Architecture & Policy Management
- Work with network architects to design secure network segmentation and DMZ architectures.
- Review and implement change requests, ensuring compliance with security standards and ITIL processes.
- Maintain detailed documentation for configurations, operational procedures, and troubleshooting guides.
- Participate in audits and compliance activities related to network security.
Strategic Initiatives
- Device Group Hierarchy Implementation: Design and implement proper device group hierarchy across Palo Alto firewalls; eliminate redundant device groups (e.g. Internet and InternetSyslog) to improve efficiency and reduce risk; address object limit commit issues and external dynamic list object limit avoidance; deduplicate security policies across device groups.
- Firewall Hardware Rationalization: Decommission legacy firewalls (e.g. CCASJC34-LAMR-UTM-1 2 3 4) to reduce hardware footprint and cost; replace end-of-life PA-220 firewalls (3 units) to align with PAN-OS 11.1 standards; eliminate 25 IPS firewall devices and migrate IPS functionality to existing on-prem firewalls.
- Prisma Access Decommissioning: Plan and execute elimination of Prisma Access to reduce cost and complexity; implement India central VM firewall and coordinate with GIS team for network changes; transition internet access for sites currently using Prisma to on-prem solutions.
- Policy & Configuration Improvements: Analyze and recommend improvements for Internet Access Policies (workstations/servers) including on-prem and remote controls; address URL entry issues and provide analysis for a closed-door approach; fix vWire interface configurations to ensure VLAN inspection consistency.
- Operational Monitoring & Best Practices: Recommend enhancements for operational monitoring and alerting (implementation not in scope); conduct health checks and best practices assessment; provide remediation recommendations.
Required Skills & Experience
- 10 years of experience in network security operations with at least 8 years focused on Palo Alto firewall administration.
- Strong expertise in Palo Alto Networks PAN-OS security policies, NAT, VPN (IPSec/SSL), and threat prevention features.
- Proficient in troubleshooting complex firewall and network issues (routing, connectivity, performance).
- Experience with centralized management platforms (Panorama).
- Familiarity with integration of firewalls with SIEM, IDS/IPS, and other security tools.
- Solid understanding of TCP/IP, VLANs, DMZ, and network segmentation.
- Knowledge of change management and ITIL processes.
- Relevant certifications (PCNSE, PCNSA, CISSP, CCNP Security) preferred.
- Excellent communication and documentation skills.
Required Qualifications
- Bachelor's degree in Computer Science, Information Technology, or related field (or equivalent experience).
- Proven experience in device group hierarchy design and policy optimization.
- Hands-on experience with firewall hardware lifecycle management and migration.
- Familiarity with Prisma Access and VM firewall deployment.
- Strong knowledge of PAN-OS security policies and object management.
- Understanding of VLAN configurations and virtual wire interfaces.
- Ability to analyze and recommend improvements for security posture and operational resilience.
Preferred Skills
- Palo Alto Networks certifications (PCNSE, PCCSE).
- Experience with large-scale firewall deployments and global network environments.
- Strong troubleshooting and analytical skills.
Key Competencies
- Attention to detail and risk mitigation mindset.
- Ability to work collaboratively with cross-functional teams.
- Strong documentation and communication skills.