Netoyed - Palo Alto Network Security Specialist - Threat Modeling

<p><p>Were hiring a Palo Alto Network Security Specialist to design, implement, and operate next-gen firewall and SASE controls across enterprise and cloud networks.<br/><br/>You will own policy architecture, automation, and incident response for a multi-tenant, high-availability environment using PAN-OS, Panorama, Prisma Access, GlobalProtect, and integrations with SOC tooling (Cortex XDR/XSOAR or equivalents).<br/><br/><b>What youll do :</b><br/><br/>Operate & support (L2/L3) :<br/><br/>- Manage PAN-OS firewalls in HA; policy design, NAT, VPN (IPsec/SSL), routing (BGP/OSPF), SSL decryption.<br/><br/>- Triage and resolve P1/P2 incidents; root-cause analysis with packet captures (tcpdump/Wireshark) and threat logs.<br/><br/>- Maintain Global Protect, Threat Prevention, URL Filtering, WildFire, DNS security; tune & reduce false positives.<br/><br/>- Perform backups, config drift checks, and golden-config enforcement.<br/><br/><b>Deliver projects :</b><br/><br/>- Plan and execute upgrades, migrations (to Panorama/device groups), new site turn-ups, and rulebase clean-ups.<br/><br/>- Author MOPs, run pre/post checks, and execute maintenance-window changes with safe rollback.<br/><br/><b>Governance & hygiene :</b><br/><br/>- Drive rule recertification (shadowed/unused/over-permissive rules), object naming standards, tags/expirations.<br/><br/><b>Automation & tooling :</b><br/><br/>- Use Panorama APIs / Ansible/Terraform (nice-to-have) for policy-as-code, health checks, and reporting.<br/><br/>- Integrate with SIEM/SOAR (e.g., Cortex XDR/XSOAR, Splunk) and ticketing (ServiceNow/Jira).<br/><br/><b>What makes you a strong fit :</b><br/><br/>- 4 to 8+ years in network security, 3+ years hands-on with Palo Alto (PAN-OS 9/10/11) & Panorama.<br/><br/>- Deep knowledge of policy design, NAT/VPN, routing (BGP/OSPF), and platform features (Threat Prevention, Wild Fire, URL Filtering).<br/><br/>- Strong troubleshooting with logs/pcaps; comfortable leading customer bridges during P1s.<br/><br/>- PCNSE preferred / PCNSA minimum; solid TCP/IP and Linux fundamentals.<br/><br/><b>Nice to have :</b><br/><br/>- Cortex XDR/XSOAR, DNS Security, SD-WAN basics, Prisma Access exposure (as secondary skill only).<br/><br/>- Scripting/automation (Python, Ansible/Terraform), cloud networking (AWS/Azure).<br/><br/>- Immediate joiners only.<br/><br/>- Competitive Salary for the right candidate.<br/><br/>- Excellent comms and Customer facing ability.</p><br/></p> (ref:hirist.tech)