
Senior Palo Alto Security Engineer

Westcon-Comstor

India · Hybrid · Full-time · Senior · Today

About the role

We are seeking a highly skilled and motivated Senior Hybrid Security Engineer to own the architecture and operations of Prisma Access while leading XSIAM configuration, automation, and SOC enablement. This role ensures continuity and momentum as Palo Alto consultants transition out. You will design, tune, and extend delivered solutions, with clear accountability for security automation, data source onboarding, Tier‑3 troubleshooting, and cross-team collaboration.

Core Responsibilities

Prisma Access (SASE) SME

  • SME in design, deployment, and lifecycle management for Prisma Access across mobile users and remote networks.
  • Integrate with corporate datacenters and public cloud (Azure, AWS); ensure high‑performance connectivity and Zero Trust posture.
  • Own policy and configuration (app control, threat prevention, URL filtering, DLP) via Strata Cloud Manager/Panorama; drive best practices and compliance.

XSIAM Configuration & SOC Enablement

  • Build and maintain alert policies, correlation rules, and detection content aligned to our risk profile.
  • Integrate threat intelligence (external feeds + internal sources) and enrich alerts for high‑quality signal.
  • Migrate playbooks (from XSOAR where applicable) and develop net‑new playbooks using Palo Alto best practices.
  • Develop custom reporting and dashboards (SOC maturity, MTTR/MTTD, automation coverage, false‑positive rates).
  • Onboard future data sources (IAM, DNS, NGFW, cloud logs, honeypots, EDR, SaaS, ticketing) with normalization and data model alignment.
  • Optimize alerts and policies to reduce noise and improve response fidelity.

Endpoint/XDR Integration

  • Partner with endpoint owners to deploy and tune XDR agents, profiles, and broker VM configuration.
  • Ensure XDR telemetry flows into XSIAM; remediate ingestion gaps and schema drift.

Cross-Functional Collaboration

  • Act as the primary liaison between internal teams (network, Check Point engineers, DevOps, IT, business units) and Palo Alto vendor‑side engineers.
  • Develop and present detailed design and project plans; collaborate with stakeholders to gather requirements and manage expectations.

Network & Security Operations

  • Configure and manage firewalls, VPNs, IDS/IPS, and access control policies across Palo Alto and Check Point environments.
  • Provide Tier‑3 troubleshooting for complex issues across remote access, branch connectivity, telemetry, and automation failures.
  • Support Cisco switching and wireless architecture and HPE EdgeConnect SD‑WAN integration for secure connectivity.

Documentation & Compliance

  • Establish and maintain runbooks/SOPs, change control, and DR procedures for SASE + XSIAM.
  • Ensure all network security practices align with industry standards and regulatory requirements (NIST, ISO 27001:2022).
  • Maintain architectural diagrams, project plans, and audit‑ready documentation.

Required Qualifications

  • 8+ years in enterprise network/security engineering with leadership experience in large‑scale environments.
  • Expert in Palo Alto platforms (Prisma Access, Panorama/Strata, NGFW, GlobalProtect).
  • Hands‑on XSIAM/XDR/SIEM experience (policy tuning, correlations, playbooks, TI feeds, integrations).
  • Strong networking fundamentals (TCP/IP, BGP, OSPF, IPSec VPN, DNS/DHCP/NTP).
  • Experience with Cisco switching and wireless architecture and HPE EdgeConnect SD‑WAN.
  • Cloud networking expertise (Azure VNets, AWS VPCs).
  • Automation: comfortable building and maintaining playbooks, jobs, and integrations with Ansible and Intune.
  • Exceptional communication skills; able to articulate technical details to technical and non‑technical audiences.

Preferred Certifications

  • PCNSE, PCDRA (or equivalent XSIAM/XDR certs), CISSP, CCIE‑Security/Enterprise

Success Measures

  • Reduction in alert noise via correlation/tuning; trend improvement in MTTD/MTTR.
  • Playbook coverage (% of repetitive responses automated) and quality (successful runs, rollback rate).
  • Telemetry completeness (% of priority sources onboarded and normalized).
  • SASE uptime/performance and change‑management hygiene (SOP currency, audit pass rate).

Skills

Ansible, AWS, Azure, Check Point, Cisco, DLP, DNS, Docker, EDR, HPE EdgeConnect SD-WAN, IAM, IDS/IPS, Intune, ISO 27001:2022, NGFW, NIST, OSPF, Palo Alto, Panorama, PCNSE, PCDRA, Prisma Access, SASE, SIEM, TCP/IP, VPN, XDR, XSIAM, XSOAR
