Senior Cloud Security Engineer

Job Description

Your Career

Palo Alto Networks is disrupting the Cyber Security industry!  We are looking for a Senior Cloud and firewall Engineer to join our Infosec team that owns, securing and delivering security for our Enterprise, SaaS, and Public Cloud security services. With your networking, firewall, cloud, and development skills, you’ll design, build automation and integrate along with our secure programs – scale and secure our infrastructure and application in a Google Cloud Platform environment as well as collaborate with other team members. In this role, you will provide technical leadership in the development of Security programs by helping to drive the disruptive vision, technology planning, and estimation. If you are a fast learner and passionate about Cyber Security,  this is a great opportunity for you.

Your Impact

• Providing advanced operations and engineering support for critical systems and services, including application and security infrastructure on-prem and in the cloud.
• Responsible for assessing and reviewing the security and cloud infrastructure in both IT and production environments.
• Coordinates with various teams to ensure appliances and services are configured with the correct posture to support business requirements.
• In-depth knowledge of designing and implementing a Zero Trust Network Architecture, including network and identity segmentation.
• Continuous monitoring and improvement of IT support practices to enhance scalability, reliability, and performance in the product infrastructure.
• Assist in maintaining strong oversight of cloud computing solutions to safeguard against undue risks from third-party or external integrations.
• Develop automation using SOAR tools to streamline repetitive tasks and improve the overall efficiency of the security team.
• Collaborate with teams outside the Security Fusion Center, including Vulnerability Management, Network Engineering, OS Engineering, and product SRE.
• Prioritize and respond to critical vulnerabilities and data exposures with urgency and effective risk mitigation strategies.
• Develop and maintain security baselines for infrastructure components (e.g., VMs, containers, network devices) in alignment with CIS Benchmarks, NIST, and internal standards.
• Support incident response activities, including containment, forensic investigation, root cause analysis, and post-incident documentation.
• Perform regular policy and firewall rule reviews to ensure alignment with access requirements and enforcement of Zero Trust principles.
• Contribute to governance, risk, and compliance (GRC) efforts, including audit participation, third-party risk assessments, and evidence collection for SOC 2, ISO 27001, or FedRAMP certifications.

Qualifications

Your Experience 

• 4-7 years of hands-on experience in the Network and Infrastructure security technologies.
• 2+ years of experience with firewall technologies, including deep expertise with Palo Alto Networks Next-Generation Firewalls (NGFW) and security rule evaluation.
• 2+ years of experience managing and securing cloud environments across AWS, GCP, and Microsoft Azure, with knowledge of native security tools and multi-cloud architectures.
• Proven ability to design, build, and maintain scalable cloud infrastructure and secure cloud-native applications, leveraging infrastructure-as-code (IaC) principles.
• Experience working with public sector systems, setting up and maintaining security controls to meet government standards like FedRAMP.
• Strong working knowledge of IP networking, including routing, switching, VPNs, DNS, NAT, load balancing, and wireless for both on-prem and cloud environments.
• Proficient in virtualization platforms such as VMware, with experience securing virtualized and hybrid workloads.
• Experience working with REST APIs, automation scripting using Python or Go, and integration of security workflows into infrastructure tools.
• Ability to evaluate and optimize firewall rules and access control policies across complex environments, aligning with Zero Trust and least privilege models.
• Solid foundation in certificate management and PKI, including experience issuing and renewing certificates, managing key lifecycles, and enforcing secure communication using TLS and mutual authentication.
• Strong experience with OS-level security hardening and configuration management across Linux (RHEL, Ubuntu) and Windows Server, including patching, log monitoring, enforcing CIS/NIST baselines, and secure user access controls.
• Proficient in managing and securing Microsoft Active Directory (AD) environments, including Group Policy, LDAP integrations, role-based access control (RBAC), and identity federation for hybrid cloud architectures.
• Self-motivated, strong troubleshooting skills, and capable of working independently in fast-paced environments with minimal supervision.
• Strong communication skills with the ability to collaborate effectively with cross-functional teams, including network operations, cloud infrastructure, IAM, and compliance.
• CISSP, AWS , GCP certifications preferred.
• PCNSE  certification is a plus.