Senior Network Security Engineer

Charlotte, VT - USA

Monthly Salary: Not Disclosed

Posted on: 5 days ago

Vacancies: 1 Vacancy

Job Summary

The position is described below. If you want to apply click the Apply button at the top or bottom of this page. Youll be required to create an account or sign in to an existing one.

If you have a disability and need assistance with the application you can request a reasonable accommodation. Send an email to Accessibility (accommodation requests only; other inquiries wont receive a response).

Regular or Temporary:

Regular

Language Fluency: English (Required)

Work Shift:

1st Shift (United States of America)

Please review the following job description:

We are looking for a Senior Zscaler & Palo Alto Firewall Engineer to drive the design deployment and ongoing optimization of our enterprise-grade Zero Trust security fabric. This is a hands-on senior-level technical role on a small but high-impact network security team. You will be a go-to expert for Zscaler (ZIA ZPA) Palo Alto firewalls Terraform-driven infrastructure-as-code and complex routing/cloud networking across a multi-cloud multi-branch environment.

Key Responsibilities

Lead the architecture deployment and lifecycle management of Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) at scale (including App Connectors ZPA gateways policy orchestration and integration with identity providers).
Design configure and maintain Palo Alto Networks firewall estates (PA-Series VM-Series and Panorama) with security policy automation URL filtering threat prevention etc..
Build and maintain reusable Terraform modules for Zscaler Palo Alto cloud networking and routing infrastructure (full IaC pipelines using Terraform Cloud/Enterprise GitHub Actions or equivalent).
Architect and optimize routing strategies (BGP OSPF static policy-based routing) for hybrid WAN internet breakout direct cloud connectivity and SD-WAN overlays.
Troubleshoot complex issues involving Zscaler tunnels Palo Alto sessions routing loops asymmetric routing and multi-cloud latency.
Automate operational tasks (provisioning upgrades policy drift detection compliance reporting) using Terraform where appropriate.
Provide technical leadership and mentorship to mid-level and junior engineers.
Document architecture runbooks and lessons learned.

Required Qualifications

Expert-level hands-on deployment and troubleshooting experience with both Zscaler ZIA and ZPA in production environments (1000 users or 50 sites).
Expert-level experience with Palo Alto Panorama device groups templates and VM-Series in cloud environments.
Strong production experience writing and maintaining Terraform modules for networking/security appliances (Zscaler Terraform provider Palo Alto Terraform provider AWS/Azure/GCP providers).
Solid understanding of routing protocols (BGP especially eBGP/iBGP route reflectors communities prefix-lists) and cloud networking (transit architectures hub-and-spoke direct connect private endpoints).
Proven track record of delivering secure scalable designs in multi-cloud or hybrid environments.
Ability to work independently in a small-team environment while collaborating with cloud identity and application teams.

Preferred Qualifications

Terraform Associate or Terraform Professional certification
PCNSE (Palo Alto Certified Network Security Engineer) and at least one Zscaler certification (ZIA or ZPA Professional/Architect level) preferred
Experience with SASE SD-WAN or full Zero Trust Network Access (ZTNA 2.0) migrations
Scripting/automation beyond Terraform (Python PowerShell)
Experience in regulated industries (finance healthcare retail) with compliance requirements (PCI SOC 2 HIPAA)
CCNP (or equivalent advanced routing/security knowledge)

General Description of Available Benefits for Eligible Employees of CRC Group: At CRC Group were committed to supporting every aspect of teammates well-being physical emotional financial social and professional. Our best-in-class benefits program is designed to care for the whole you offering a wide range of coverage and support. Eligible full-time teammates enjoy access to medical dental vision life disability and AD&D insurance; tax-advantaged savings accounts; and a 401(k) plan with company match. CRC Group also offers generous paid time off programs including company holidays vacation and sick days new parent leave and more. Eligible positions may also qualify for restricted stock unitsand/or a deferred compensation plan.

CRC Group supports a diverse workforce and is an Equal Opportunity Employer that does not discriminate against individuals on the basis of race gender color religion citizenship or national origin age sexual orientation gender identity disability veteran status or other classification protected by law. CRC Group is a Drug Free Workplace.

EEO is the Law Pay Transparency Nondiscrimination Provision E-Verify

Required Experience:

Senior IC

The position is described below. If you want to apply click the Apply button at the top or bottom of this page. Youll be required to create an account or sign in to an existing one.If you have a disability and need assistance with the application you can request a reasonable accommodation. Send an e...