Palo Alto Engineer
As Palo Alto Engineer for the Network Security Operations Centre (NSOC), you are a member of a team which manages IT security on behalf of customers to reduce the impact of security incidents and system compromises. This team provides security appliance support, event investigation and analysis, and countermeasure proposals. As part of the team responsible for the 24×7 Security Event Management Service, you will be responsible for the following items:
Palo Alto Administration
- Provide planning, engineering, implementation, configuration, operational support and troubleshooting for our Palo Alto Networks devices.
- Validation of firewall configuration, rule creation, and assessment of firewall traffic flow (dynamic routing, log analysis).
- Research and assess new threats and security alerts, and recommend remedial actions to ensure network security design is resilient enough to deal with the latest threats and attack scenarios.
- Develop technical documentation, including standards and standard operating procedures (SOPs) for operations personnel
- Provide design and technical input / support for engineering network security solutions based on recognized standards and best practices
- Report on key compliance and operational metrics for the network security infrastructure
- Work with vendors, application developers, database administrators, corporate IT, and other technology groups to deploy new or updated technology projects.
- Conduct routine hardware and software audits of all supported systems to ensure compliance with established standards, policies, procedures, and requirements
- Perform periodic security assessments of firewall, router, switch, VPN, SSL concentrator and other network component security configurations
- Maintain proper change management documentation for all hardware and software modifications
- Provide reliable 24/7 support for numerous facilities
- Provide investigation support for any actual or potential information security incidents or outages in the form of an RCA.
- Other duties as assigned
- Serve as a backup administrator for one or more of the following technologies: Intel McAfee ESM, NSM, ELM, ATD, HIPS, HIPD, VSE, TIE, ACE, DLP, Application Control, Global Threat Intelligence, MOVE, and Endpoint for Mac, FireEye, etc.
- Provide system administration and maintain operations of the security technology while maintaining appliance agent deployment at or above 98% host saturation.
- Monitor system health, troubleshoot product issues and outages.
- Resolve appliance operating system issues as needed.
- Reporting and metrics as needed.
- Perform security log analysis during Information Security related events, identifying and reporting possible security breaches, incidents and violations of security policies
- Effectively liaise and communicate with the Remote Global Monitoring Security Operations Centers, key business stakeholders and management regarding information security incident events and trending
Must have demonstrated knowledge and experience with three or more of the following:
- UNIX, AIX & Solaris
- Windows Server Operating Systems
- Internet Connectivity and Protocols (TCP/IP)
- Wireless Networking
- Network architecture best practices
- Security Operations Centre/Information Protection Centre/Computer Incident Response Centre
- Enterprise Security Information Management systems
- VPN Communication Protocols
- Switches/Routers (basic configuration)
- Network/System Intrusion Detection or Prevention Systems
- Understanding of basic security concepts: Principle of Least Access, Compartmentalization, etc.
- Firewall (configuration knowledge)
- Asset Management
- Palo Alto Networks appliances
- Cisco ASA
- Security threat and attack countermeasures
- Critical Thinking and Analytical skills
- Excellent written and verbal communication skills
- Strong troubleshooting and problem-solving skills
- Team player with ability to work autonomously
- Ability to prioritize and re-prioritize work as required
Company Type: Privately Held
Company Size: 51 - 200