Network Security II Engineer III

Job Title: Network Security Engineer II
Location: Onsite

Role Summary

Were seeking a Senior Network Security Engineer to enhance our global security posture focusing mainly on Palo Alto Zscaler WAF IoT/OT security and zero-trust architecture. You will design and deploy network security controls across standalone and hybrid environments safeguard critical web applications with WAF implement IoT/OT security measures in a manufacturing setting and lead teams in developing secure scalable solutions within an agile framework.

Key Responsibilities

• Design and implement network security architectures using Palo Alto Next-Generation Firewalls (NGFWs) and Zscaler (ZIA/ZPA) across on-premises cloud and remote settings.
• Lead the development and enforcement of zero-trust principles including identity-aware policies network segmentation and least-privilege access.
• Configure and maintain Palo Alto firewalls and Panorama managing policies NAT VPNs SSL decryption GlobalProtect and logging functionalities.
• Deploy and oversee Zscaler services integrating traffic forwarding methods security policies and identity provider (IdP) connections.
• Design implement and fine-tune Web Application Firewalls (WAF) to safeguard against the OWASP Top 10 threats and sophisticated web-based attacks.
• Develop and enforce IoT and operational technology (OT) security controls tailored for manufacturing plants.
• Resolve complex network security issues and monitor security controls and applications through log analysis packet captures and traffic flow examination.
• Utilize your expertise in switching and routing including VLANs BGP and OSPF to ensure secure and reliable connectivity.
• Work collaboratively with agile teams contributing to sprint planning refining user stories and iteratively delivering security features.
• Follow change control processes that involve conducting risk assessments documenting changes and validating implementation post-execution.
• Create clear technical documentation set standards and runbooks and provide mentorship to junior engineers as needed.

Required Qualifications

A Bachelor of Science degree in Information Technology Cybersecurity Computer Science or a closely related field.

Experience & Skills

• Extensive hands-on experience (ideally 5 years) in network security engineering within medium to large organizations.
• Proven expertise in managing Palo Alto firewalls preferably using Panorama in a production environment.
• Practical experience in deploying and managing Zscaler solutions (ZIA/ZPA/ZDX or similar).
• A deep understanding of zero-trust principles and how to apply them effectively in real-world scenarios.
• Solid background in architecting implementing and troubleshooting Web Application Firewalls (WAF).
• Demonstrated proficiency in designing and deploying security frameworks for Internet of Things (IoT) and Operational Technology (OT) environments.
• Strong knowledge of network switching and routing covering Layer 2/Layer 3 fundamentals along with experience in at least one major routing protocol.
• Comfortable working in an agile project management environment Scrum preferred.
• Excellent troubleshooting skills coupled with strong communication and documentation capabilities.

Certifications

At least one of the following certifications is required:

• PCNSE PCNSA ZDTA ZDTE or ZDXA
• CCNA
• CISSP

Nice to Have

• Experience with major cloud platforms like AWS Azure or GCP.
• Familiarity with SIEM/SOAR integrations and analysis.