Previous Job
Senior Security Engineer
Ref No.: 17-00219
Location: Durham, North Carolina
Position Type:Contract
Experience Level: 5 Years
Start Date: 06/06/2017

The Resident Engineer (RE) will provide expert support, analysis and research into complex problems and processes relating to deployed Palo Alto Networks equipment. The RE will function as the Palo Alto Networks products Subject Matter Expert (SME) and will interact directly with the customer's personnel. The RE will serve as the technical expert on executive-level project teams within the customer providing technical direction, interpretation, and alternatives. The RE contributes to the development of new principles and concepts, works on unusually complex technical problems and provides solutions which are highly innovative and ingenious. This is a highly technical, hands-on role and the RE will be required to develop and maintain an expertise on the products and solutions deployed within the Customer's network.    
General Responsibilities:
  • Work full-time at the customer site in Durham, NC office
  • Maintain the Palo Alto Networks solution and provide guidance on code upgrades, etc.
  • Consult and guide customer on security best practices and act as Trusted Advisor for client on behalf of Palo Alto Networks.
  • Analyze logs and events from the solution and provide threat analysis reports, providing input and direction as applicable.
  • Build custom security policies and application signatures.
  • Interact with the Palo Alto Networks TAC to troubleshoot and diagnose cases
  • Mitigate web-based threats in a timely manner by configuring Palo Alto Networks products using best practices.
  • Work with sales account team to help formulate technical strategy to address customer business needs.
  • Support direct manager in managing business needs through weekly reports and Quarterly Business Reviews.
  • Self-driven with ability to work autonomously.
  • Excellent written and verbal communication skills, with proven ability to communicate to sr. leaders and technical peers.
  • Minimum 2 years of experience managing security solutions in large environments.
  • Extensive knowledge of different security threats.
  • Strong understanding of core Internet protocols and applications.
  • Detailed technical experience in the installation, configuration and operation of high-end firewall appliances, ideally Palo Alto Networks products.
  • Strong TCP/IP networking skills.
  • Expert level experience deploying and managing IPSEC VPNs.
  • Detailed understanding of NAT and it's usage in a Palo Alto Networks NGFWs
  • Ability to effectively manage many different tasks simultaneously.
  • Extensive background in internetworking, LAN, and WAN technologies required.
  • Proven project leadership experience; ability to drive organizations and resources to complete required tasks in service of end goals.
 Specific Experience and Responsibilities
  • Proven ability to lead migrations from legacy equipment, including Checkpoint FW and IPS, Cisco IronPort URL, Cisco Anyconnect, and McAfee DLP, onto Palo Alto Networks NGFW and using advanced features of the platform.
  • Design, configure and deploy Panorama to centrally manage PA-800s and two sets of PA-5250 pairs in 2 different datacenters providing consolidated Internet and Data Center perimeter security.
  • Deep understanding of virtualization / cloud solutions and how to safely integrated and secure those environments, specifically Arista and VMware NSX solutions.
  • Assist / drive adoption of User-ID with both Active Directory and non-AD sources while implementing user based policies wherever possible.
  • Thorough understanding of App-ID and proven ability of deploying in production environments.    
  • Ability to integrate with existing cybersecurity solutions including McAfee DLP and ArcSight.
  • Strong understanding of SSL Decryption and how Palo Alto Networks performs this on their platform.
  • Expert level relationship management, communications skills and interpersonal skills to manage face to face communications on a daily basis with multiple levels of customer management and engineering staff across multiple departments within the host company in a responsible and professional fashion.
    • Will be required to work with third party vendors and managed service providers
    • Remain calm and show patience when faced with opposition and/or complex processes
  • Expert level troubleshooting methodology to isolate and identify configuration, design, and software anomalies; ability to clearly articulate findings in written and verbal communications with development level engineering staff.
 Competitive Experience in the following:
  • Cisco IronPort and AnyConnect VPN experience
  • Checkpoint FW/IPS experience
  • VMWare and NSX experience
  • Arista experience
  • AWS experience